Pwn2Own Tokyo 2018 – iPhone X exploits paid over $100,000

Pierluigi Paganini November 15, 2018

The Zero Day Initiative’s Pwn2Own Tokyo 2018 was a success: participants earned over $300,000 for disclosing flaws affecting iPhone X, Xiaomi Mi 6 and Samsung Galaxy S9 smartphones.

During the first day of the Pwn2Own Tokyo 2018 contest, participants hacked Apple iPhone X, Samsung Galaxy S9 and Xiaomi Mi 6 devices, earning more than $225,000.

The novelty for this Pwn2Own edition was the creation of a specific session for IoT devices.

On the second day, the organizers paid only $100,000 for one iPhone and two Xiaomi hacks.

The day began with a success for Team Fluoroacetate, composed of Amat Cama and Richard Zhu, who hacked an iPhone X by exploiting a Just-In-Time (JIT) bug and an out-of-bounds access flaw.

The team received $50,000 for exfiltrating data from the device; they successfully stole a previously deleted photo from the targeted device.

Team Fluoroacetate failed to demonstrate a baseband exploit targeting the iPhone X within the allotted time, but the experts successfully exploited an integer overflow in the JavaScript engine of the Xiaomi web browser to exfiltrate a picture from the phone.

They earned $25,000 USD and 6 Master of Pwn points.

F-Secure’s MWR Labs (Georgi Geshev, Fabi Beterke, and Rob Miller) also failed to hack the iPhone X in the browser category; they were not able to use their exploit chain within the allotted time.

Later, MWR Labs hacked the Xiaomi Mi 6 in the browser category using a download bug along with a silent app installation to load their custom app and exfiltrate pictures.

They earned another $25,000 USD and 6 more Master of Pwn points.

The organizers reported the flaws to their respective vendors. They paid out a total of $325,000 for 18 zero-days, of which $110,000 was for iPhone X exploits.

The flaws could be used by a persistent attacker or a surveillance firm to compromise the target device via its browser or Wi-Fi; their value is much greater in the cybercrime underground.

“Overall, we awarded $325,000 USD total over the two day contest purchasing 18 0-day exploits. Onsite vendors have received the details of these bugs and now have 90 days to produce security patches to address the bugs we reported. Once these are made public, stay tuned to this blog for more details about some of the best and most interesting bugs we saw this week.” concludes the official page for the Pwn2Own Tokyo 2018.

Pierluigi Paganini

(Security Affairs – Pwn2Own Tokyo 2018, hacking)
