Hackers, hackers, cyber criminals. Image Pexels
Pwn2Owna hacker conference taking place this year in Vancouver, has already handed out nearly a million dollars in prizes to those who were able to compromise the systems. Windows 11, the Tesla Model 3 and the free operating system Ubuntu has suffered three biggest hacks.
Pwn2Own is a hacking contest held annually at the CanSecWest security conference. First held in April 2007 in Vancouver, the tournament now takes place twice a year.
The idea is that participants can take advantage of widely used software and mobile devices with previously unknown vulnerabilities to alert the community and IT security specialists. The first participant to complete the course of vulnerabilities wins the prize and closes the category for everyone.
By the end of the second day, the conference had paid off $ 945,000 in rewards, including $ 75,000 to attackers from offensive security firm Synacktiv for two unique bugs found in the Tesla Model 3 infotainment system owned by the world’s richest man, Elon Musk.
The bugs allowed attackers to take over some of the vehicle systems.
Hacker competition in Vancouver. Photo Pwn2Own
Browsers and virtualization were seen as similarly uninteresting, apparently with only one participant each competing with Firefox and Safari, and a lone hacker testing VirtualBox.
Windows 11 and Ubuntu Linux got seven and five entries respectively; four participants tested Teams; and two they tried to destroy the various functions of the Tesla 3.
The Zero Day Initiative also ended with the purchase of a vulnerability in the Tesla Model 3 Diagnostic Ethernet and informed the automaker.
On the first day of Pwn2Own, hackers earned $ 800,000 after successfully exploiting 16 zero-day bugs to hack multiple products, including Microsoft’s Windows 11 operating system and Teams ’communications platform, Ubuntu Desktop, Apple Safari, Oracle Virtualbox and Mozilla Firefox.
On the second day, the participants won $ 195,000 after showing errors in the Telsa Model 3 infotainment system, Ubuntu Desktop and Microsoft Windows 11.
Security researchers showed six exploits in Windows 11 during the contest, hacked the Ubuntu Desktop four times, and showed three Microsoft Teams zero-days. They also reported some bugs in Apple Safari, Oracle Virtualbox, and Mozilla Firefox.
After exploiting and reporting vulnerabilities during Pwn2Own, vendors have 90 days to release security fixes until Trend Micro’s Zero Day initiative disclose them to the public.
The competition, which celebrated its 15th anniversary this year, featured 17 participants from dozens of cybersecurity companies targeting 21 different products in multiple categories. STAR Labs took the lead at the end of the second day with a total win of 270 thousand dollars.
Tesla Model 3, violated. Photo APO