Hackers Break Into iPhone X, Samsung Galaxy S9 at Pwn2Own Tokyo
Samsung’s Galaxy S9 and Apple’s iPhone X have both been hacked at the Pwn2Own hacking conference in Tokyo this week.
First and foremost, the iPhone X. Fluoroacetate (Amat Cama and Richard Zhu), who previously hacked the Xiaomi Mi6 smartphone, attempted to break into Apple’s product using an attack carried out over Wi-Fi.
Their successful attempt was based on a combination of a JIT vulnerability in the web browser and an Out-of-Bounds write for the sandbox escape and escalation. After hacking the iPhone, the duo earned $60,000, bringing their total earnings during the first day of the hacking competition to no less than $140,000.
Galaxy S9 hacked twice
The Galaxy S9 was hacked twice. First, it was the same Fluoroacetate team that managed to compromise Samsung’s flagship launched earlier this year.
“They made quick work of it by using a heap overflow in the baseband component to get code execution. Baseband attacks are especially concerning, since… (read more)