During the latest version of the Tianfu Cup event for ethical hackers, a group of researchers demonstrated a method to successfully hack an iPhone 13 device with the latest iOS 15 updates, in what became the main event of the night. In total, the event delivered more than $1.5 million USD to participants.
In the form of the most recent edition, held this weekend in the Chinese city of Chengdu, the contestant hackers had three 5-minute attempts to demonstrate the functionality of their exploits.
During the weekend, white-hat hackers managed to successfully compromise the following devices and operating systems:
- Windows 10
- Adobe PDF Reader
- Ubuntu 20
- Parallels VM
- iOS 15
- Apple Safari
- Google Chrome
- ASUS AX56U router
- Docker CE
- VMWare ESXi
- VMWare Workstation
- qemu VM
- Microsoft Exchange
Other devices and software unsuccessfully targeted by the ethical hackers include:
- Synology DS220j NAS device
- Xiaomi MI 11
- An unnamed domestic IoT device
As mentioned above, one of the demonstrated exploits was described as a zero-click remote code execution attack against a fully updated iOS 15 executed on an iPhone 13 smartphone. This exploit gave its developers a prize of $300,000 USD.
Another experiment that caught the eye was a string of RCE attacks against Google Chrome whose exploitation would allow the total compromise of affected systems.
To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.