Geekly Articles each Day
📜 ⬆️ ⬇️

Pwn2Own members hacked Galaxy SIII and iPhone 4S



The well-known competition of computer and mobile security experts, Mobile Pwn2Own, again showed excellent results. Contestants easily demonstrated the vulnerabilities of such famous smartphones as the Galaxy SIII and iPhone 4S. In the first case, the vulnerability was found in NFC technology, in the second - in the WebKit engine.

As for the iPhone, the vulnerabilities, according to the hackers (in this case we use this word in a positive, original sense), are subject to devices based on iOS 5.1.1 and iOS 6 (of the version that was available at the time of the competition). That is, you can hack and iPod touch, iPad, iPhone 4. Vulnerability allows you to get full access to the contents of the phone, including mail, sms-messages, contacts, files, and much more.
')
The exploit, according to the burglars, was developed in just a few weeks, and far from fully loaded with burglars. The malware is loaded when the victim visits the hackers site using his phone.

By the way, Apple devices were handled by representatives of Certified Secure from the Netherlands.

And Galaxy S III was broken by guys from MWR Labs. Thanks to the found vulnerability in NFC, they were able to transfer the malware from the device to the device. The transferred malicious software was automatically installed on the new device, and opened up full access to the contents of the memory to hackers. The application works in the background, so the victim does not notice the attack.

Burglars were able to get full access to SMS messages, pictures, e-mail, contacts and other information. Burglars reported that access is as complete as possible. And the exploit itself is aimed at the default application viewer, which is installed on the Galaxy S2, S3 and some devices from HTC. So these devices are subject to cracking.

Unfortunately, neither the first nor the second case is described in detail, in order to avoid the repetition of the experience of the participants of the competition already by real attackers.

Well, and our experts on security technology received a good reward in the amount of 30 thousand US dollars. Plus, the teams were awarded BlackBerry smartphones.

Via computerworld + computerworld

Source: https://habr.com/ru/post/151872/

More articles:


All Articles