Security researchers successfully demonstrated Wi-Fi and Safari exploits for the iPhone at Mobile Pwn2Own 2017 today. The Pwn2Own competition is held by Trend Micro during the PacSec conference at the Aoyama St. Grace Cathedral in Tokyo, Japan.Tencent Keen Security Lab first demonstrated a successful WiFi exploit on the Apple iPhone 7. They used a total of four bugs to gain code execution and escalate privileges to allow their rogue application to persist through a reboot. They earned $60,000 for the WiFi exploit and added $50,000 for the persistence bonus – a total of $110,000 and 11 Master of Pwn points. All it took was connecting a WiFi network to get the KeenLab app appear on an iPhone.
Tencent Keen Security Lab also targeted the Safari Browser on the Apple iPhone 7. It took them just a few seconds to successfully demonstrate their exploit, which needed only two bugs – one in the browser and one in a system service to allow their rogue app to persist through a reboot. As the second finisher in the Browser category, they earned half of the cash award at $45,000, but still earned the full 13 Master of Pwn points.
Share Article:
Facebook, Twitter, LinkedIn, Google Plus, Email, Reddit, Digg, Delicious, StumbleUpon
Follow iClarified:
Facebook, Twitter, LinkedIn, Google Plus, Newsletter, App Store, YouTube
Post a Comment