A group of chinese hackers known as Tencent Keen Security Lab Team won$ 215.000 for performing three feats with success on the Nexus 6P and iPhone 6s. They managed to hack the devices, during the MobilePwn2Own 2016, event, Trend Micro, where the team collected more than half of the money offered as a prize to anyone who could hack the devices Nexus 6P, the Galaxy S7 and iPhone 6s.
The team broke down completely security of the Nexus 6P fixed and up to date on his first attempt, just five minutes, combining the two exploits of the Android pre-existing, and then exploring ‘other weaknesses of the operating system”. With this, they were able to install a malicious application without the need of any user interaction. Only with this hack, they abocanharam more than$ 100,000.
then, the hackers have addressed the iPhone 6s and also have managed to install a malicious app, but it does not resist to a reboot due to a default setting, which prevented the persistence. Por that this attack was the least valuable, but still, the ZDI has awarded the hacker with$ 60,000 by the vulnerabilities that they used in this attack.
in addition, we have exploited two vulnerabilities iOS and they stole the images of the device, performance by which the team received$ 52.500. This exploit was made even shortly after the update of Apple iOS 10. However, a tweet from the Team Keen indicated that they are able to make the attack work successfully on iOS 10.1 also.
With that out of the total of US$ 375,000 offered by the Zero Day Initiative from Trend Micro by the exploit of the three devices, the researchers of the team Keen pocketed US$ 215.000.
No comments:
Post a Comment