A group of young Chinese hackers affiliated with internet giant Tencent won US$215,000 by gaining unauthorised access to Nexus 6P and iPhone 6s phones at an international mobile hacking challenge in Tokyo last week. The Tencent team, called Keen Security Lab, beat a rival team led by cybersecurity research platform MWR Labs to claim the title of Master of Pwn at Mobile Pwn2Own 2016 on October 26. Foreign hackers in China’s sights with proposed changes to cyber law The hackers exploited vulnerabilities to access Google Nexus 6P and IPhone6s while their latest software and program patches were running, said the event’s organiser Trend Micro, a US-based internet security company. Tencent Team Keen won $215k at PWN2OWN Mobile by attacking Nexus6p and two exploits for the iPhone iOS 10.1 released yesterday(!) pic.twitter.com/A5cvCQZdI7 — dragosr (@dragosr) October 26, 2016 <!--//--><![CDATA[// ><!-- //--><!]]> Keen Security Lab successfully installed malware that cannot be easily removed into a Nexus 6P phone by combining two bugs with other weaknesses in Android. Update your iPhone: long-feared spyware hack has become reality The Chinese hackers managed to install malware on a iPhone6s, but it did not remain once the phone was rebooted, and so was deemed only “a partial success”, the organiser said. Boom! @keen_lab succeeds in installing a rogue app on a #nexus6p . With bonuses, they earned $102,500 & 29 Master of Pwn points. #MP2O pic.twitter.com/hfbnH0eI6p — Zero Day Initiative (@thezdi) October 26, 2016 <!--//--><![CDATA[// ><!-- //--><!]]> However, Keen Security Lab succeeded in stealing photographs from the iPhone 6s by using two vulnerabilities in Apple’s mobile operating system, iOS, the statement said. Trend Micro said it disclosed the bugs to Apple via an email afterwards. Most of the world’s iPhones can still be hacked with just a text This is not the first time that Tencent’s Keen Security Lab has identified bugs on iPhones. Last week, Marco Grassi, of Keen Security Lab, was credited for identifying a serious bug in iOS, which could enable attackers to use malicious JPEG data encoding to access a person’s iPhone.
