18 October 2017
If given the chance, would you try to hack into some of the flagship smartphone devices of 2017? The cherry on the top is you would even win a prize if you managed to pull it off. Well, that’s exactly what some security researchers spent their day doing in Tokyo, Japan, at the annual Pwn2Own contest. The smartphones which they attempted to break into include the iPhone 7, Google Pixel, Samsung Galaxy S8, and even the latest of the bunch, the Huawei Mate 9 Pro.
The Tecent Keen Security Lab managed to breach the latest version of iOS 11 on the iPhone 7. The first hack attempted aimed at the Wi-Fi bug whereas the second targeted the Safari browser. The researchers were also able to hack the Samsung Galaxy S8 and even the Huawei Mate 9 pro. It seems like a piece of cake for them!
Here is a short report of the successful hack achieved on the iPhone 7:
They used a total of four bugs to gain code execution and escalate privileges to allow their rogue application to persist through a reboot. They earned $60,000 for the WiFi exploit and added $50,000 for the persistence bonus - a total of $110,000 and 11 Master of Pwn points.
Tencent Keen Security Lab was on the clock once more as they targeted the Safari Browser on the Apple iPhone 7. It took them just a few seconds to successfully demonstrate their exploit, which needed only two bugs - one in the browser and one in a system service to allow their rogue app to persist through a reboot. As the second finisher in the Browser category, they earned half of the cash award at $45,000, but still earned the full 13 Master of Pwn points.