Samsung Galaxy S22 hacked twice on first day of Pwn2Own Toronto

Pwn2Own Toronto

Contestants have hacked a Samsung Galaxy S22 smartphone twice on the first day of Pwn2Own Toronto 2022, the 10th edition of the consumer-focused event.

The STAR Labs team was first to use successfully zero day on a Samsung flagship by performing a wrong input validation attack on the third attempt, earning $50,000 and 5 Master of Pwn points.

Another contestant, Chim, too demonstrated successful operation targeted the Samsung Galaxy S22 and was able to perform a botched input validation attack, earning $25,000 (50% of the prize for the second round of targeting the same device) and 5 Master of Pwn points.

Also Read :  Cross-institutional partnership propels global research in AI and quantum science

“The first winner in each goal will receive the full prize money and the devices to be tested,” explain the organizers of the competition.

“In the second and subsequent rounds of each objective, all other winners will receive 50% of the prize package, however they will still earn full Master of Pwn points.”

In accordance with the terms of the competition, in both cases the Galaxy S22 devices were running the latest version of the Android operating system with all available updates installed.

Contestants have also successfully demonstrated exploits targeting zero-day bugs in printers and routers from multiple vendors, including Canon, Mikrotik, NETGEAR, TP-Link, Lexmark, Synology, and HP, on this first day of the competition.

Also Read :  Road rager smashes sideview mirror; man defrauded of $11,000 on internet: Brook Park police blotter

The competition has been extended to four days

Pwn2Own Toronto security researchers can target cell phones, home automation hubs, printers, wireless routers, network-attached storage, smart speakers, and other devices, all up-to-date and in their default configuration.

They can win top prizes in the mobile phone category with cash prizes of up to $200,000 for hacking the Google Pixel 6 and Apple iPhone 13 smartphones.

Hacking Google and Apple devices can also provide $50,000 bonuses if exploits are executed with kernel-level privileges, increasing the maximum reward per challenge to $250,000 for a full exploit chain with kernel-level access.

Also Read :  This Artificial Intelligence (AI) Research Improves both the Lip-Sync and Rendering Quality of Talking Face Generation by Alleviating the one-to-many Mapping Challenge with Memories

Pwn2Own Toronto’s consumer-focused event has been extended to four days (Dec. 6-8) after 26 teams and participants signed up to take on 66 targets across all categories.

The full competition schedule can be found here. Here’s the full schedule for Day 1 of Pwn2Own Toronto 2022 and the results for each challenge.

On the second day of the competition, the Samsung Galaxy S22 will be tested again by hackers from the vulnerability research firm Interrupt Labs.


Leave a Reply

Your email address will not be published.

Related Articles

Back to top button