SAN FRANCISCO – Tesla has been hacked at the Pwn2Own hacking event, and the hacking group has taken home a Tesla Model 3 and $100,000.

As electric vehicles and their significant amount of integrated software have become more common in everyday life, the security around them has become significantly more critical. In the worst-case scenario, a hacker could not only gain access to a car but could leak user data or even take control of the vehicle. Now, at the Pwn2Own hacking competition, a group of hackers successfully hacked a Tesla Model 3 and won the vehicle along with a $100,000 prize.

The successful hack completed by the group Synactiv was initially reported by the Zero Day Initiative Twitter account, revealing that the group had used a TOCTOU exploit to gain access to the vehicle.

The TOCTOU (Time-Of-Check Time-Of-Use) exploit involves altering internal files to gain system access. In essence, the hackers are altering the files that a system will check to ensure someone actually should have access. This could, for example, involve changing login credentials to allow yourself access. However, as the name suggests, this is highly time-dependent, as it involves using the discrepancy of time between the system checking the files and a person actually being logged in.

To read more, click on Tesla