Some of the world's finest hackers are trying to break into the most widely-used mobile phones on the planet this week, as part of the Pwn2Own contest run by Trend Micro's Zero Day Initiative (ZDI) in Japan. Despite the improved security of the devices, one famous Chinese crew, Keen Lab, has successfully compromised both Apple's iPhone and Google's Nexus.
The iPhone 6S attack saw Tencent-owned Keen Lab chain two iOS vulnerabilities to steal pictures from the Apple device. They were awarded $52,500 for that hack. They also managed to install a rogue application on the iPhone 6S, but the app wouldn't survive a reboot thanks to a default configuration setting that prevented persistence. Despite that, ZDI bought the bugs used in the hack for $60,000.
As for the Nexus 6P, the Keen collective managed to install a malicious app on the Google device, repeating the attack three times to receive a whopping $102,500. Again, Keen combined two different bugs, alongside other unspecified weaknesses in Android.
ZDI's Pwn2Own contests reward hackers for exploiting devices. Mobile Pwn2Own kicked off in Japan today.
A tweet from Keen Lab indicated they were able to make their attacks work on iOS 10.1, the latest release.
Even with last minute update of 10.1 which made us work overnight, we success finally @Cloudlldb @fuyubin1993 @marcograss @chenliang0817 pic.twitter.com/zUtSZswDbx
— KEENLAB (@keen_lab) October 26, 2016
Talking about Keen's research, ZDI chief Brian Gorenc said: "These are critical in nature as they allow an attacker to disclose sensitive information or install a malicious application. We’ve seen similar exploits recently used in the wild.
"All of the exploits were triggered by browsing to a malicious website. From that perspective, it’s relatively simple to trick a user into this scenario. Crafting the exploit itself isn’t trivial and requires months of research and experimentation."
Tencent's Keen Lab at the Pwn2Own contest in Japan where it's won more than $200,000 in day one of... [+]
The vulnerabilities are immediately handed to the affected companies - in this case, Apple and Google. They then work on patches. This often takes months, Gorenc said.
Earlier this week, Keen Lab's Marco Grassi was credited by Apple for finding a serious vulnerability in iOS, which meant that just viewing an image could expose a user's phone. "Viewing a maliciously crafted JPEG file may lead to arbitrary code execution," Apple warned in its notes for the iOS 10.1 update released earlier this week.
Proving they can hack all kinds of mobile computers, Keen Lab recently remotely hacked a Tesla Model S. The car maker swiftly fixed the issues.
