Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Hackers Win $60,000 for Finding iPhone Safari Exploit at Tokyo Pwn2Own Contest

MacRumors

MacRumors

macrumors bot
Original poster
Apr 12, 2001
67,133
37,057



Richard Zhu and Amat Cama, two white hat hackers, recently teamed up at the Mobile Pwn2Own contest in Tokyo and ended up earning a $60,000 prize after finding an iPhone exploit, according to a blog post on the Zero Day Initiative website.


The duo used a Safari weakness on an iPhone X running iOS 12.1 to retrieve a photo that had recently been deleted from the device. The hackers used a malicious Wi-Fi access point to exploit a just-in-time (JIT) compiler vulnerability.


The exploit the two hackers discovered can also be used to access additional files beyond deleted photos; the deleted photo just happened to be the first file the two came across and so it was used as a demonstration.
Next up, Amat and Richard returned to the Short Distance category. This time, they were targeting the iPhone X over Wi-Fi. They used a pair of bugs - a JIT vulnerability in the web browser followed by an Out-Of-Bounds write for the sandbox escape and escalation. The successful demonstration earned them $60,000 USD more and 10 additional Master of Pwn points. This ends their first day of competition with $140,000 USD and a commanding lead for the Master of Pwn with 31 points.
Click to expand...
With the prize money and points awarded from the iPhone vulnerability along with other exploits shown off at the event, Zhu and Cama won the "Master of Pwn" title.

pwn2owntokyo.jpg

Apple has been informed of the vulnerability and will likely address it in an upcoming iOS update.

Article Link: Hackers Win $60,000 for Finding iPhone Safari Exploit at Tokyo Pwn2Own Contest
 
Article Link
https://www.macrumors.com/2018/11/14/pwn2own-safari-iphone-exploit-discovered/
This is an annual competition and while it seems bad on the surface, its actually good - all these exploits (which are out there and probably being used by others) will now get closed.

The more of this the better. The picture of the two heroes are awesome....so young, gotta be college or just out.

I'd love to see Apple put serious money out there for prizes to entice folks who might sell such things to bad actors or governments instead (there is such a market with big money involved).
 
  • Like
Reactions: surf2snow1, robotica, Mr. Retrofire and 2 others
Mr. Retrofire said:
The 3-letter agencies can not access our data. Ohh, wait...
Click to expand...

0 days will always exist, the differences is that agencies keep them for themselves.
What you should expect from a company is to do their best to protect their customers. The bigger issues in today it world is that a chunk of companies found out that personal data is an extremely lucrative business, offering free service in exchange as trojan horses, now that is really concerning.
 
  • Like
Reactions: Mr. Retrofire
tridley68 said:
Hopefully Apple will snap them up so their talents can strengthen Apple's security
Click to expand...
Why would they? pwn2own is an annual contest. there were vulnerabilities last year, there are vulnerabilities this year, and there will be vulnerabilities next year. Hiring the researchers who find them (vulns) is no guarantee they'll strengthen their security. They'd end up with a boatload of researchers and still have the systems exploited every year. Security is an ongoing exercise.
 
  • Like
Reactions: ApfelKuchen
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back