Unconventional Records: Pentesters Hacked a Tesla in Just 2 Minutes

This record immediately brings to mind the famous Hollywood film Gone in 60 Seconds, but back in the 2000s, technology hadn’t yet evolved to today’s level - car theft still relied on brute-force methods. Today, however, all it takes to take control of a vehicle is a computer. That’s exactly what hackers demonstrated at a special 2023 competition: they hacked a Tesla in just 120 seconds - a result that caused a sensation.

The event took place in Vancouver, Canada, as part of the Pwn2Own hacking competition. Specialists from 10 countries participated, including a team of pentesters from France, who showcased two separate exploits targeting the Tesla Model 3.

The hackers gained access to critical vehicle subsystems, including those responsible for safety and control functions. This would have made it possible, for instance, to open the front trunk or doors of a Tesla Model 3 while the car was in motion. They also breached the multimedia system and achieved root access to internal components.

In one of the cases, they performed a TOCTTOU (Time-of-Check to Time-of-Use) attack targeting the Gateway energy management system. This attack took less than two minutes. In the second scenario, the researchers exploited a heap overflow vulnerability and an out-of-bounds write bug in the Bluetooth chipset. The technical specifics of these attacks were not disclosed in order to prevent real-world replication.

For demonstrating their skills, the pentester team received multiple prizes: a brand-new Tesla Model 3, as well as monetary rewards of $100,000 and $250,000.

Importantly, the specialists ensured no harm to other Tesla owners - the exploits were demonstrated on an isolated vehicle head unit. Tesla’s head units are control centers for the infotainment system, providing access to navigation, entertainment, and other features.

Pwn2Own is a prestigious ethical hacking competition that showcases real-world vulnerabilities in widely used technologies. It was founded in 2007 by security expert Dragos Ruiu as a response to Apple’s reluctance to address security flaws.

The first competition was held during the CanSecWest conference, and it has since grown into a biannual event. Participants are tasked with finding and exploiting zero-day vulnerabilities in popular software or devices, hacking them under controlled conditions, and demonstrating their results. Successful attacks earn researchers both cash prizes and the targeted device itself.

Typical Pwn2Own participants include professional security researchers, Red Team specialists, corporate cybersecurity teams, academic representatives, and independent hacker enthusiasts. All competitors operate within the bounds of ethical hacking: they do not exploit vulnerabilities maliciously but instead disclose them to organizers and vendors so the issues can be responsibly patched.