Pwn2Own Automotive 2025: Hackers Hit the Jackpot with $382K Bounty on Day One!
In a tech twist, the Pwn2Own Automotive 2025 hacking contest revved up with $382,750 in rewards for unearthing 16 zero-day vulnerabilities. Cash rolled in for exploits on Autel and Ubiquiti EV chargers, but alas, no Teslas were harmed in the making of this event. Stay tuned for more daring attempts!
Hot Take:
If you thought hacking your car’s GPS was impressive, wait until you see hackers cashing in more than your annual salary by tinkering with electric vehicle chargers. Welcome to Pwn2Own Automotive 2025, where your car’s infotainment system might just become the next cryptocurrency mine!
Key Points:
- Pwn2Own Automotive 2025 kicked off with a whopping $382,750 in rewards for 16 zero-day vulnerabilities.
- The highest individual rewards were $50,000, handed out for exploits on Autel and Ubiquiti EV chargers.
- Participants aimed at infotainment systems from brands like Alpine, Kenwood, and Sony, earning $20,000.
- No Tesla exploits this year, but the potential rewards included a car and $500,000.
- Last year’s event dished out $1.3 million for exploits on Teslas, chargers, and infotainment systems.
Electric Dreams and Dollar Bills
Day one of the Pwn2Own Automotive 2025 hacking contest saw participants turning their cybersecurity skills into cold, hard cash. The event, held in conjunction with the Automotive World conference in Tokyo, showcased some impressive feats of digital wizardry. Hackers, or should we call them “automotive enthusiasts,” earned a total of $382,750 by uncovering 16 unique zero-day vulnerabilities. The primary targets? Infotainment systems, EV chargers, and automotive operating systems. It’s like The Fast and the Furious, but with more code and fewer car chases.
Charged Up and Cashing Out
The biggest cash cows of the day were exploits targeting EV chargers. Autel and Ubiquiti chargers topped the charts with $50,000 payouts for successful hacks. Meanwhile, a Phoenix Contact charging controller exploit brought in a cool $41,750, and a ChargePoint charger exploit earned $47,500. If you’re wondering what to major in at college, “Charger Hacking 101” might be worth considering. Even lesser exploits on Autel and Phoenix Contact chargers netted $25,000 each. Who knew charging your car could be so lucrative?
Tuning in to Infotainment
Not to be outdone by their electric counterparts, in-vehicle infotainment systems also had their share of the spotlight. Hackers took aim at systems from Alpine, Kenwood, and Sony, putting $20,000 into their virtual piggy banks. It seems whether you’re listening to the latest hits or plotting your navigation route, someone’s got their virtual eye on your dashboard. And yes, someone made $33,500 from an exploit on Automotive Grade Linux, reminding us all that even open-source isn’t safe from prying eyes.
No Tesla, No Problem
In a twist of fate akin to a plot twist in a cyber-thriller, there were no attempts to hack a Tesla this year. The organizers had been ready to reward any successful autopilot exploit with a car and up to $500,000 in cash. But alas, it seems Tesla’s digital defenses were either too daunting, or perhaps hackers were busy planning their next conquest. Last year, participants walked away with a staggering $1.3 million for their Tesla, EV charger, and infotainment system exploits. This year, however, they decided to leave the Teslas in peace, at least for now.
Stay Tuned
The Pwn2Own Automotive 2025 contest is far from over, with nearly two dozen more attempts lined up over the next two days. While the focus remains on chargers and infotainment systems, one can only speculate what other car-related tech might be next on the menu. Will someone finally crack the code to make your car’s horn play “La Cucaracha” on command? Only time will tell. Until then, keep your seatbelts fastened and your software updated; the road to a secure automotive future is a bumpy one.