Samsung Galaxy S5,iPhone 5s and Nexus 5 Hacked at Pwn2Own Competition

In HP’s two day competition named Pwn2Own which took place in Tokyo,Japan. Smartphones such as iPhone 5s ,Samsung Galaxy s5 and Nexus 5 using top operating systems like Windows,iOS, and Android are all been hacked. In this two day competition some veteran security researchers around the globe participated.

On day one in the competition the iPhone 5s iOS was the system that has been hacked by the South Korean teams. They found some weakness in the Safari browser and used it to escape the sand box.
The flaw in iOS security was immediately disclosed to Apple, by the zero day initiative.

The first day in the competition is highly sucessful, with two big devices are hacked successfully.The next big device that fell victim to the group of hackers from Japan and South Africa is Samsung Galaxy s5.

The gateway that made the way for the security attack is ‘near-field communication (NFC)’ attack that trigger a deserialization issue in certain code specific to Samsung. Jon Butler of South Africa’s MWR InfoSecurity also managed to break the Galaxy S5 via NFC.

NFC was also utilized by UK-based researcher Adam Laurie from Aperture Labs to hack an LG Nexus 5.

“A two-bug exploit targeting NFC capabilities on the LG Nexus 5 (a Google-supported device) demonstrated a way to force BlueTooth pairing between phones – a plot point, as several observers noted, on the television show ‘Person of Interest’,” Shannon Sabens, a senior security content developer at HP, wrote in a blog post summarizing the first day of Mobile Pwn2Own.

Kyle Riley, Bernard Wagner, and Tyrone Erasmus of MWR InfoSecurity used a combination of three vulnerabilities to break the Web browser on the Amazon Fire Phone.

On the day two of the competition was not as successful when you compare it with the day one.On the second day  the participants in the competition are only able to attack android and windows devices partially. A participant name Nico Joly able to show some weakness in windows phone Nokia 1520 with an exploit aimed at the smartphone’s web browser, but was only able to exfiltrate the cookie database and could not break the sandbox to gain full access to the system.

A competitor name Jüri Aedla presented the weakness in another device name Nexus 5. He presented the bug in device through Wifi to android device. The event came to an end after that.

Source securityweek  

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

LINUX GAME HACKING GUIDE 2021

In the past, most games had cheat codes, yet these days it's more uncommon. As a programmer, I like to perceive how things work,...

Phishing Prevention: How to Secure Your Organization Against Phishing Attacks

Phishing is a type of cyberattack that aims to trick people into giving up their sensitive information or hack into a system by means...

Automated Penetration Testing Prevents High-Risk Vulnerabilities

According to new research from Positive Technologies, a substantial 84% of companies contain high-risk vulnerabilities within their network perimeter. Scanning as many as 3,514...

Security Concerns When You’re Running Your Company From Abroad

The world of technology makes it possible for entrepreneurs to run their businesses from any location worldwide. You could travel and move to any...

LOOKING FOR HACKING RECIPES FORM THE PRO?

Then sign up for FREE to the ehacking’s exclusive group. You will get the exclusive tips/tricks, tutorials, webinars & courses that I ONLY share with my fellow on this exclusive newsletter.