Infosec in Brief Trend Micro's Zero Day Initiative (ZDI) held its first-ever automotive-focused Pwn2Own event in Tokyo last week, awarding over $1.3 million to the discoverers of 49 automotive zero-day vulnerabilities.
Hack a Tesla Model 3 on Pwn2Own
Researchers from French security outfit Synactiv took home $450,000 after demonstrating six successful exploits, one of which saw the company's crew gain root access to a Tesla modem. Another attempt found a sandbox vulnerability in the infotainment system of the Musk mobiles.
Other popular targets at the three-day event included aftermarket infotainment systems and, more worryingly, a whole host of successful hacks on electric car chargers.
Five $60,000 bounties — the second-highest monetary awards behind Synactiv's $100,000 Tesla hack — were awarded for attacks on electric chargers made by Emporia, ChargePoint, Ubiquiti, Phoenix and JuiceBox.