Automotive companies sometimes employ well-meaning hackers to test the security of their electronic and computer systems, discover potential flaws and fix them. Tesla is one of them and even offers rewards through the Bugcrowd platform.
A French cybersecurity company, Synacktiv, won the Pwn2Own 2023 international hacking competition held recently in Vancouver by infiltrating a Tesla Model 3 in less than two minutes.
Taking advantage of a breach in the Gateway system that manages communication between the electric compact sedan and Tesla’s Powerwall home battery, his team was quickly able to access the infotainment system and replace Tesla’s logo with its own, among other things. She also played with the lights, the horn and the windscreen wipers.
In another attempt, Synacktiv gained access to a Model 3 over an Ethernet network, allowing it to open doors and trunks while the car was driving. For obvious safety reasons, she did not attempt to take control of the driving.
Tesla experts who were on site confirmed that the hacks were indeed successful. The feat earned Synacktiv a US$350,000 purse… and a brand new Model 3!
Tesla ensures that the main controls of the vehicle (motor, pedals, steering wheel) have never been threatened, which Synacktiv however questions. Anyway, as it does regularly to correct problems, the Californian manufacturer mentioned that a software update will soon be sent to Model 3 owners so that such hacking is no longer possible.
In January 2022, a 19-year-old hacker made headlines after discovering a computer flaw in Tesla’s systems that allowed him to access more than 25 Tesla cars in 13 countries around the world.
He was apparently able to see if someone was on board, unlock the doors, control the windows, radio and lights, start the vehicle and deactivate the anti-theft functions simply using his computer. However, driving the Teslas from a distance was impossible for him.