Monday, November 25, 2024
HomeExploitPwn2Own - Ethical Hackers Hacked Samsung Galaxy S9, iPhone X, Xiaomi Mi6...

Pwn2Own – Ethical Hackers Hacked Samsung Galaxy S9, iPhone X, Xiaomi Mi6 & Got Reward $325,000

Published on

Group of White hat hackers compromised Samsung Galaxy S9, iPhone X,  Xiaomi Mi6 and earned $325,000 in Pwn2Own, two days Hacking completion in Tokyo 2018 organized by Trend Micro’s Zero Day Initiative (ZDI).

They discovered 18 Zero-day vulnerabilities in this event by various Team of White Hat hackers from different countries in this two days contest.

Researchers targeted various Phone models and successfully exploiting the vulnerabilities that exist in Samsung Galaxy S9, iPhone X, and the Xiaomi Mi6.

- Advertisement - SIEM as a Service

The First-day Hacking Completion

On the first day, the team Fluoroacetate successfully exploiting the Xiaomi Mi6 handset via NFC that was achieved using the touch-to-connect feature.

This vulnerability can be exploited by forcing users to open the web browser and navigate to their specially crafted webpage where the webpage exploited an Out-Of-Bounds write in web assembly to get code execution and they earned $30,000 USD along with 6 Pwn points.

On the same day, they returned and targeting the Samsung Galaxy S9 and successfully performed heap overflow in the baseband component to get code execution and earned another $50,000 USD with 15 Pwn points.

Fluoroacetate team returned 3rd time and targeting the iPhone X over Wi-Fi and successfully exploiting it using Pair of bugs ” a JIT vulnerability in the web browser followed by an Out-Of-Bounds write for the sandbox escape and escalation” and they earned $60,000 USD with 10P pwn points.

Finally, they earned $140,000 USD on the first day itself along with the Master of Pwn with 31 points and leader of the Pwn.

Another Team from MWR Labs comes to target the Xiaomi Mi6 and successfully exploiting by installing an application via JavaScript, bypass the application whitelist, and automatically start the application on the first day itself. there are 5 bugs were used together and compromised  Xiaomi Mi6 and they earned $30,000 USD with 6 Pwn points.

In another attempt made by MWR Labs Samsung Galaxy S9 and successfully exploit it over Wi-Fi using three different bugs.

According to ZDI press release, They forced the phone to a captive portal without user interaction, then used an unsafe redirect and an unsafe application load to install their custom application Although their first attempt failed, they nailed it on their second try to earn $30,000 USD and 6 more Master of Pwn points.

Final entry by a White hat hacker Michael Contreras came and exploiting the type confusion in JavaScript and earned $25,000 USD and 6 Master of Pwn points.

End of the day  Fluoroacetate (Amat Cama and Richard Zhu)duo has the lead in Master of Pwn points with 31, while MWR Labs is second place with 12.

The Second-day Hacking Completion

Fluoroacetate duo team starts the second day of the event and again they target the iPhone x and fortunately they attempted the successful exploitation using by combining a JIT bug in the browser along with an Out-Of-Bounds Access to exfiltrate data from the phone.

This exploit leads an attacker to delete the picture from the victims iPhone X and they earned $50,000 and 8 more points.

Again they came back to attack Xiaomi Mi6 and successfully exploit it using an integer overflow in the JavaScript engine to exfiltrate a picture from the phone by targeting the web browser in Xiaomi Mi6 model and earned $25,000 USD again and 6 Master of Pwn points.

MWR Labs team come back again in the second day and they target Xiaomi Mi6 handset where they exploit a combined bug that helps to install the silent app in Mi6 and load the custom app to exfiltrate pictures and earned $25,000 USD and 6 additional points.

According to ZDI in the second day, Fluoroacetate team successfully exploit five out of six successful demonstrations is pretty remarkable and we’re happy to announce the Fluoroacetate duo of Amat Cama and Richard Zhu have earned the title Master of Pwn!

Overall ZDI awarded $325,000 USD total over the two-day contest and they purchasing 18 0-day exploits.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Threat Actors Exploit Google Docs And Weebly Services For Malware Attacks

Phishing attackers used Google Docs to deliver malicious links, bypassing security measures and redirecting...

Python NodeStealer: Targeting Facebook Business Accounts to Harvest Login Credentials

The Python-based NodeStealer, a sophisticated info-stealer, has evolved to target new information and employ...

XSS Vulnerability in Bing.com Let Attackers Send Crafted Malicious Requests

A significant XSS vulnerability was recently uncovered in Microsoft’s Bing.com, potentially allowing attackers to...

Meta Removed 2 Million Account Linked to Malicious Activities

 Meta has announced the removal of over 2 million accounts connected to malicious activities,...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Nearest Neighbor Attacks: Russian APT Hack The Target By Exploiting Nearby Wi-Fi Networks

Recent research has revealed that a Russian advanced persistent threat (APT) group, tracked as...

GeoVision 0-Day Vulnerability Exploited in the Wild

Cybersecurity researchers have detected the active exploitation of a zero-day vulnerability in GeoVision devices,...

Researchers Detailed Credential Abuse Cycle

Cybercriminals exploit leaked credentials, obtained through various means, to compromise systems and data, enabling...