Friday, November 11, 2016

Google Pixel Phone Hacked in 60 Seconds at PwnFest 2016


The brand new Android smartphone launched by Google just a few months back has been hacked by Chinese hackers just in less than a minute.

Yes, the Google's latest Pixel smartphone has been hacked by a team white-hat hackers from Qihoo 360, besides at the 2016 PwnFest hacking competition in Seoul.

The Qihoo 360 team demonstrated a proof-of-concept exploit that used a zero-day vulnerability in order to achieve remote code execution (RCE) on the target smartphone.



The exploit then launched the Google Play Store on the Pixel smartphone before opening Google Chrome and displaying a web page that read "Pwned By 360 Alpha Team," the Reg media reports.

Qihoo 360 won $120,000 cash prize for hacking the Pixel.


Google will now work to patch the vulnerability.

Besides the Google Pixel, Microsoft Edge running under Windows 10 was also hacked in PwnFest hacking competition.

The Qihoo 360 team also hacked Adobe Flash with a combination of a decade-old, use-after-free zero-day vulnerability and a win32k kernel flaw to win a $120k prize.

Along with hacker JH, Chinese iPhone jailbreak team Pangu, which release million-dollar iOS jailbreaks for free, discovered a Safari exploit that used a privilege escalation zero-day flaw, giving them root access on Apple's updated Safari browser running on MacOS Sierra in just 20 seconds.

The exploit earned the team $80,000.

Details of all the exploits will be reported to the respected companies so that they can patch their software before black-hat hackers use them for malicious purposes.

The Qihoo 360 team of hackers walked away with a total prize money of $520,000.

No comments:

Post a Comment