White hat hackers at China’s largest and most prestigious hackathon has reportedly managed to hack into many of today’s latest software programs using new exploits that have never been used in the wild. Some of the hacked programs include Windows 10, iOS 14, Ubuntu, Adobe PDF Reader, Chrome, Safari, Firefox and VMWare, among others.
The third edition of the Tianfu Cup was held in the central Chinese city of Chengdu, in central China, over the weekend with fifteen teams of hackers who broke into the aforementioned programs using new exploits. The biggest winner at the event was the team from Chinese cyber-security giant, Qihoo 360, which pocketed $744,500 out of the total prize pool of $1.21 million. AntFinancial Lightyear Security Lab and security researcher, Pang, rounded out the top three.
— TianfuCup (@TianfuCup) November 8, 2020
According to ZDnet, competing teams were given three attempts of five minutes each to hack into a selected target using an original exploit. “For each successful attack, researchers received monetary rewards that varied depending on the target they chose and the vulnerability type”, said the report.
All successful exploits are reported to the software vendors so that they can patch up the vulnerabilities through future updates. Users of the affected software can expect the patches to start rolling out in the coming weeks. The following is the list of software that were successfully hacked during this year’s competition:
- iOS 14 running on an iPhone 11 Pro
- Android on Samsung Galaxy S20
- Windows 10 v2004 (April 2020 edition)
- Adobe PDF Reader
- Docker (Community Edition)
- VMWare EXSi (hypervisor)
- QEMU (emulator & virtualizer)
- TP-Link and ASUS router firmware