The Tencent Keen Security Lab Team from PRC has won a sum prize coin of $215,000 inwards the 2016 Mobile Pwn2Own rival run past times Trend Micro's Zero Day Initiative (ZDI) inwards Tokyo, Japan.
Despite the implementation of high-security measures inwards electrical flow devices, the famous Chinese hackers crew has successfully hacked both Apple's iPhone 6S every bit good every bit Google's Nexus 6P phones.
For hacking Apple's iPhone 6S, Keen Lab exploited 2 iOS vulnerabilities – a use-after-free põrnikas inwards the renderer in addition to a retention corruption flaw inwards the sandbox – in addition to stole pictures from the device, for which the squad was awarded $52,500.
The iPhone 6S exploit successfully worked despite the iOS 10 update rolled out past times Apple this week.
Earlier this week, Marco Grassi from Keen Lab was credited past times Apple for finding a serious remote code execution flaw inwards iOS that could compromise a victim's telephone past times simply viewing "a maliciously crafted JPEG" image.
However, a tweet from Keen Team indicated it was able to brand the assail successfully operate on iOS 10.1 every bit well.
The Keen Lab also managed to install a malicious app on the iPhone 6S, but the app did non live on a reboot due to a default configuration setting, which prevented persistence. Still, the ZDI awarded the hackers $60,000 for the vulnerabilities they used inwards the hack.
For hacking the Nexus 6P, the Keen Lab Team used a combination of 2 vulnerabilities in addition to other weaknesses inwards Android in addition to managed to install a rogue application on the Google Nexus 6P telephone without user interaction.
The ZDI awarded them a whopping $102,500 for the Nexus 6P hack.
So, of the sum potential payout of $375,000 from the Trend Micro's Zero Day Initiative, the Keen Lab Team researchers took domicile $215,000.
Despite the implementation of high-security measures inwards electrical flow devices, the famous Chinese hackers crew has successfully hacked both Apple's iPhone 6S every bit good every bit Google's Nexus 6P phones.
Hacking iPhone 6S
For hacking Apple's iPhone 6S, Keen Lab exploited 2 iOS vulnerabilities – a use-after-free põrnikas inwards the renderer in addition to a retention corruption flaw inwards the sandbox – in addition to stole pictures from the device, for which the squad was awarded $52,500.
The iPhone 6S exploit successfully worked despite the iOS 10 update rolled out past times Apple this week.
Earlier this week, Marco Grassi from Keen Lab was credited past times Apple for finding a serious remote code execution flaw inwards iOS that could compromise a victim's telephone past times simply viewing "a maliciously crafted JPEG" image.
However, a tweet from Keen Team indicated it was able to brand the assail successfully operate on iOS 10.1 every bit well.
The Keen Lab also managed to install a malicious app on the iPhone 6S, but the app did non live on a reboot due to a default configuration setting, which prevented persistence. Still, the ZDI awarded the hackers $60,000 for the vulnerabilities they used inwards the hack.
Hacking Google's Nexus 6P
For hacking the Nexus 6P, the Keen Lab Team used a combination of 2 vulnerabilities in addition to other weaknesses inwards Android in addition to managed to install a rogue application on the Google Nexus 6P telephone without user interaction.
The ZDI awarded them a whopping $102,500 for the Nexus 6P hack.
So, of the sum potential payout of $375,000 from the Trend Micro's Zero Day Initiative, the Keen Lab Team researchers took domicile $215,000.