Breaking News

SAMA Expands CPU Cooling Lineup with A60 and A40 Series Air Coolers for Gaming and Creator PCs The Lockerstor 12R Pro Gen2 and 16R Pro Gen2 are Here! TRUSTA Highlights SSD Power Efficiency for AI Servers at OCP APAC 2025 XPG Launches VALOR NANO Compact Cases with the All-New PYMCORE SFX PSU Speedlink announces illuminated mechanical 60% gaming keyboard

logo

  • Share Us
    • Facebook
    • Twitter
  • Home
  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map

Search form

Amazon Fire Phone, iPhone, Nexus 5, Samsung S5, "Attacked" At Mobile Pwn2Own

Amazon Fire Phone, iPhone, Nexus 5, Samsung S5, "Attacked" At Mobile Pwn2Own

Smartphones Nov 13,2014 0

Some of the world’s most popular smartphones have been prized open at the Mobile Pwn2Own hacking contest in Tokyo, Japan this week. Hosted by the HP Zero Day Initiative, the competition offered up big cash prizes for those who could show off their exploits and five teams succesfully broke security protections on the Amazon Fire Phone, iPhone 5S, LG Nexus 5 and the Samsung S5. Day One of the annual Mobile Pwn2Own competition closed with nine bugs exploited and provided to vendors via coordinated disclosure.

South Korean competition veterans lokihardt@ASRT demonstrated a two-bug combination that pwned the Apple iPhone 5S via the Safari browser. While details of these and all other Pwn2Own bugs are closely held among the researcher, vendor, and ZDI, one of the bugs executed a full Safari sandbox escape.

The second contest was the first of two consecutive and successful attempts against the Samsung Galaxy S5. The first effort, from Japan’s Team MBSD, used NFC as a vector to trigger a deserialization issue in certain code specific to Samsung.

The other Samsung pwnage, brought to the competition by Jon Butler of South Africa’s MWR InfoSecurity, took another approach focusing on NFC. In this case, the exploit targeted a logical error that’s possible on the Samsung Galaxy S5 devices.

Adam Laurie from the UK’s Aperture Labs stepped up in the fourth competition spot with another NFC attack. A two-bug exploit targeting NFC capabilities on the LG Nexus 5 demonstrated a way to force BlueTooth pairing between phones.

Finally, the three-man MWR InfoSecurity team of Kyle Riley, Bernard Wagner, and Tyrone Erasmus wrapped up the first day of competition with a successful three-bug medley targeting the Amazon Fire Phone’s Web browser.

However, the Windows Phone OS kept out VUPEN researcher Nico Joly, who couldn’t pop a Lumia 1520 despite getting at the cookie database on the device.

On Thurdsay, the contest greets its final two participants, Nico Joly targeting Windows Phone and Jüri Aedla targeting Android.

The prize pool for this year's Mobile Pwn2Own is rising, with HP and its sponsors offering over $425,000 (USD) in cash and prizes to researchers who successfully compromise selected mobile targets from particular categories, which is $125,000 more than last year’s contest.

Tags: Hacking
Previous Post
Samsung Challenges Apple iBeacon With Proximity
Next Post
Samsung Partners with Christie to Unveil Special-Edition Artisan Curved UHD TV

Related Posts

  • MSI has been hacked, be warned about where you download files

  • Hackers gain access to PS5 Debug Menu and show decrypted PS5 firmware files

  • HP Threat Research Shows Attackers Exploiting Zero‐Day Vulnerability Before Enterprises Can Patch

  • EA Gets hacked - 780GB of data and sourcecode stolen

  • European Supercomputers Researching Covid-19 Report Hacking Attacks

  • Microsoft Offers You $100,000 If You Can Hack the Linux-based Azure Sphere

  • Zoom Users' Data have Been on Sale on Dark Web: report

  • Indonesia's Tokopedia Inverstigates Alleged Data Leak of 91 Million Users

Latest News

SAMA Expands CPU Cooling Lineup with A60 and A40 Series Air Coolers for Gaming and Creator PCs
Cooling Systems

SAMA Expands CPU Cooling Lineup with A60 and A40 Series Air Coolers for Gaming and Creator PCs

The Lockerstor 12R Pro Gen2 and 16R Pro Gen2 are Here!
Enterprise & IT

The Lockerstor 12R Pro Gen2 and 16R Pro Gen2 are Here!

TRUSTA Highlights SSD Power Efficiency for AI Servers at OCP APAC 2025
Enterprise & IT

TRUSTA Highlights SSD Power Efficiency for AI Servers at OCP APAC 2025

XPG Launches VALOR NANO Compact Cases with the All-New PYMCORE SFX PSU
Cooling Systems

XPG Launches VALOR NANO Compact Cases with the All-New PYMCORE SFX PSU

Speedlink announces illuminated mechanical 60% gaming keyboard
PC components

Speedlink announces illuminated mechanical 60% gaming keyboard

Popular Reviews

be quiet! Light Loop 360mm

be quiet! Light Loop 360mm

be quiet! Dark Mount Keyboard

be quiet! Dark Mount Keyboard

be quiet! Light Mount Keyboard

be quiet! Light Mount Keyboard

Noctua NH-D15 G2

Noctua NH-D15 G2

Soundpeats Pop Clip

Soundpeats Pop Clip

be quiet! Light Base 600 LX

be quiet! Light Base 600 LX

be quiet! Pure Base 501

be quiet! Pure Base 501

Terramaster F8-SSD

Terramaster F8-SSD

Main menu

  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map
  • About
  • Privacy
  • Contact Us
  • Promotional Opportunities @ CdrInfo.com
  • Advertise on out site
  • Submit your News to our site
  • RSS Feed