If you have ever been in the game of bug hunting you would have probably heard about PwnFest. If you don’t then Pwnfest is a bug pwning ‘festival’ for better security organized by POC where Security Firms and Hackers target different platforms. They receive a cash prize and the Platform developers get to know the vulnerability in their software So a Win to Win for both.
In our previous post we had informed you about how Edge browser was hacked in just 18 seconds. And here we are back again with another post on #PwnFest. But this time we have got news on Google Pixel, Safari browser and Adobe Flash.
Reports say that even this time it was an team of Qihoo 360 team who disclosed this attack if you don’t know them they are the actual develops of ‘360 Total security‘, the team used an unrevealed exploit which led them remotely open Google Playstore and then opened Chrome Browser to show a webpage that stated “Pwned By 360 Alpha Team”. The Chinese Hackers from Qihoo 360 team bagged a total amount of $120,000 for their Exploits.
This was the second time that the pixel phone has been hacked. Last week at Mobile Pwn2Own event in Japan a Keen Team of Tencent discovered and used a zero-day exploit to get into the smartphone.
Both exploits were sent to Google so that they could be fixed in the upcoming updates so keep an eye on system updates.And it’s good that these exploits were found in an event like this rather than by some Black Hat which could have put all the Pixel Owners at the risk because of this Remote code execution exploit.
Exploits for Apple’s Safari, Microsoft’s Edge Browser by many teams and Qihoo 360 even used a vulnerability in Adobe Flash that had been there for 10 years to perform a remote hack.But the details of these are not Published as of now because it will be sent fist to the platform developers so they could fix the issue.We will Publish the posts once the detailed information is released on these attacks.