Hackers can recover deleted photos on iPhone X

Pwn2Own Tokyo 2018 took place this week, an event where hackers team up to try to find flaws and vulnerabilities in devices and operating systems. In this edition, the tested smartphones were the Google Pixel 2, the Samsung Galaxy S9, the Huawei P20, the Xiaomi Mi6 and the iPhone X. On the first day of the event, the hackers showed that they are not kidding, earning $225,000 in prize money for disclosing 13 vulnerabilities.

Amat Cama and Richard Zhu were able to exploit the Galaxy S9's baseband to execute code, while other hackers attending the event managed to exploit flaws in the Xiaomi Mi6 related to NFC (using the technology, they forced the phone to open the browser and visit a page they created) and Wi-Fi (they made the browser go to a certain page, then went on to exploit additional bugs to silently install an app via JavaScript, bypass the app whitelist, and automatically launch an app).

The S9's Wi-Fi was also exploited, with hackers forcing the phone to visit a site without user interaction, then using an insecure redirect and an insecure app load to install a custom app.

And no, the iPhone X did not leave the competition unscathed. As highlighted by Forbes, the same hacking duo pocketed $60,000 for finding a hole in the device that allows recovery of a photo or file deleted by the user.

When you delete a photo on the iPhone X, iOS first warns that it will be deleted from all devices connected to the iCloud account (if you are using iCloud Photo Library). Once you choose to delete, the photo goes to an album of deleted images and remains there for 40 days until it is actually deleted.

The hackers found a way to recover these recently deleted photos by exploiting a vulnerability in a just-in-time (JIT) compiler, which processes computer code while a program runs. If this compiler is compromised, recently deleted files can be recovered. In theory, any data processed by the JIT compiler could be vulnerable; the image attack was used only as a proof of concept.

Apple has been duly informed about the bug; we will see when everything gets fixed.

via The Verge