Chinese hackers win US$215,000 for cracking Google Nexus, iPhones at global competition
A group of young Chinese hackers affiliated with internet giant Tencent won US$215,000 by gaining unauthorised access to Nexus 6P and iPhone 6s phones at an international mobile hacking challenge in Tokyo last week.
The Tencent team, called Keen Security Lab, beat a rival team led by cybersecurity research platform MWR Labs to claim the title of Master of Pwn at Mobile Pwn2Own 2016 on October 26.
The hackers exploited vulnerabilities to access Google Nexus 6P and IPhone6s while their latest software and program patches were running, said the event’s organiser Trend Micro, a US-based internet security company.
Tencent Team Keen won $215k at PWN2OWN Mobile by attacking Nexus6p and two exploits for the iPhone iOS 10.1 released yesterday(!) pic.twitter.com/A5cvCQZdI7
— dragosr (@dragosr) October 26, 2016
Keen Security Lab successfully installed malware that cannot be easily removed into a Nexus 6P phone by combining two bugs with other weaknesses in Android.
The Chinese hackers managed to install malware on a iPhone6s, but it did not remain once the phone was rebooted, and so was deemed only “a partial success”, the organiser said.
— Zero Day Initiative (@thezdi) October 26, 2016
However, Keen Security Lab succeeded in stealing photographs from the iPhone 6s by using two vulnerabilities in Apple’s mobile operating system, iOS, the statement said.
Trend Micro said it disclosed the bugs to Apple via an email afterwards.
This is not the first time that Tencent’s Keen Security Lab has identified bugs on iPhones.
Last week, Marco Grassi, of Keen Security Lab, was credited for identifying a serious bug in iOS, which could enable attackers to use malicious JPEG data encoding to access a person’s iPhone.