At the PwnFest hacking competition, a group of white hat hackers from Qihoo 360 managed to hack the sought after Google Pixel in less than a minute. They managed the task using a undisclosed zero-day vulnerability, raking in $120,000 (roughly Rs. 81 lakhs) in cash.
The white hat hackers used the vulnerability to gain remote access to the Pixel smartphone. The vulnerability was used to install unwarranted code on the Google device, and then the exploit was used to open Google Play and Chrome browser (mobile version). On opening Chrome, instead of the homepage, a message that read “Pwned by 360 Alpha Team” was displayed on screen.
By gaining remote access to the Pixel phone, hackers exposed all user data – including phone contacts, messages, emails, photos, videos and even card details.
Apart from this remote access, the Qihoo 360 team also managed to crack Adobe Flash in a matter of seconds, by using a combination of exploits. The Register reports that Flash was breached in four seconds flat, earning them cash prize of $120,000 (roughly Rs. 81 lakhs) more. The company even demonstrated Microsoft Edge vulnerabilities on Windows 10. All in all, the team earned $520,000 (roughly Rs. 351 Lakhs) as prize money.
At the event, many other teams also showcased how they could breach many aspects of phones and PCs – be it browsing data, phone contacts, card details and more. Chinese hackers Pangu Team managed to breach the Safari browser running on macOS Sierra in a matter of 20 seconds. This feat earned them a $80,000 (roughly Rs. 54 Lakhs) cash prize.