It is no big surprise, but mobile devices like smartphones are truly vulnerable to attack.
That point became abundantly clear as several of the popular smartphones ended up picked off during the Mobile Pwn2Own competition at the PacSec Applied Security Conference in Tokyo on November 12-13, one published report said.
The competition, organized by HP’s Zero Day Initiative (ZDI) and sponsored by BlackBerry and the Google Android Security team, targeted the Amazon Fire Phone, iPhone 5s, iPad Mini, BlackBerry Z30, Google Nexus 5 and Nexus 7, Nokia Lumia 1520, and Samsung Galaxy S5.
An HP spokesperson said the compromised iPhone 5s was running iOS 8.1.
According to HP, which prepared $425,000 in cash and prizes for the 2014 Mobile Pwn2Own, the first day of the competition started with a successful hack of Apple’s iPhone 5s. Members of the South Korean team lokihardt@ASRT “pwned” the device by using a combination of two vulnerabilities. They attacked the iPhone 5s via the Safari Web browser and achieved a full sandbox escape.
Later in the day, Team MBSD from Japan hacked Samsung’s Galaxy S5 by using a near-field communications (NFC) attack that trigger a deserialization issue in certain code specific to Samsung. Jon Butler of South Africa’s MWR InfoSecurity also managed to break the Galaxy S5 via NFC.
NFC was the hack of choice for UK-based researcher Adam Laurie from Aperture Labs to hack an LG Nexus 5.
“A two-bug exploit targeting NFC capabilities on the LG Nexus 5 (a Google-supported device) demonstrated a way to force BlueTooth pairing between phones.
Kyle Riley, Bernard Wagner, and Tyrone Erasmus of MWR InfoSecurity used a combination of three vulnerabilities to break the Web browser on the Amazon Fire Phone.
On the second day of the competition, contestants only managed partial hacks. Nico Joly, who took part in Pwn2Own earlier this year with the French team VUPEN, attempted to “pwn” the browser running on Windows Phone (Nokia Lumia 1520). Joly managed to exfiltrate the cookie database, but the sandbox prevented him from taking complete control of the system.
Jüri Aedla of Estonia used a Wi-Fi attack against a Nexus 5, but failed to elevate his privileges, HP said.
All the exploits ended up disclosed privately to the affected companies. HP promised to reveal details in the upcoming weeks.