Hackers Compromised Microsoft Edge is just 18 seconds 2016
Yes, the Google's latest Pixel smartphone has been hacked by a team white-hat hackers from Qihoo 360, besides at the 2016 PwnFest hacking competition in Seoul.
The Qihoo 360 team demonstrated a proof-of-concept exploit that used a zero-day vulnerability in order to achieve remote code execution (RCE) on the target smartphone.
The exploit then launched the Google Play Store on the Pixel smartphone before opening Google Chrome and displaying a web page that read "Pwned By 360 Alpha Team," the Reg media reports.
Qihoo 360 won $120,000 cash prize for hacking the Pixel.
Google will now work to patch the vulnerability.
Besides the Google Pixel, Microsoft Edge running under Windows 10 was also hacked in PwnFest hacking competition.
The Qihoo 360 team also hacked Adobe Flash with a combination of a decade-old, use-after-free zero-day vulnerability and a win32k kernel flaw to win a $120k prize.
Besides the Google Pixel, Microsoft Edge running under Windows 10 was also hacked in PwnFest hacking competition.
The Qihoo 360 team also hacked Adobe Flash with a combination of a decade-old, use-after-free zero-day vulnerability and a win32k kernel flaw to win a $120k prize.
Along with hacker JH, Chinese iPhone jailbreak team Pangu, which release million-dollar iOS jailbreaks for free, discovered a Safari exploit that used a privilege escalation zero-day flaw, giving them root access on Apple's updated Safari browser running on MacOS Sierra in just 20 seconds.
The exploit earned the team $80,000.
Hackers Compromised Microsoft Edge is just 18 seconds
Researchers from Qihoo 360 and South Korean security researcher Junghoon Lee, aka LokiHardt, completely hacked the Microsoft Edge web browser operating on Windows 10 Red Stone 1 in just 18 seconds.
The security experts gained SYSTEM-level remote code execution on Edge, although they denied disclosing details of the vulnerability until the affected vendors come with a fix. Both researchers earned $140,000 for their Edge exploit.
Another Qihoo hacker team and Lee both, for the first time, remotely compromised VMware Workstation 12.5.1 without user interaction, bagging $150,000 for their exploits.
Details of all the exploits will be reported to the respected companies so that they can patch their software before black-hat hackers use them for malicious purposes.
The Qihoo 360 team of hackers walked away with a total prize money of $520,000.
The security experts gained SYSTEM-level remote code execution on Edge, although they denied disclosing details of the vulnerability until the affected vendors come with a fix. Both researchers earned $140,000 for their Edge exploit.
Another Qihoo hacker team and Lee both, for the first time, remotely compromised VMware Workstation 12.5.1 without user interaction, bagging $150,000 for their exploits.
Details of all the exploits will be reported to the respected companies so that they can patch their software before black-hat hackers use them for malicious purposes.
The Qihoo 360 team of hackers walked away with a total prize money of $520,000.
No comments: