[TheRecord] Windows 10, iOS 15, Ubuntu, Chrome fall at China’s Tianfu hacking contest

Chinese security researchers took home $1.88 million after hacking some of the world’s most popular software at the Tianfu Cup, the country’s largest and most prestigious hacking competition.

The contest, which took place over the weekend of October 16 and 17 in the city of Chengdu, was won by researchers from Chinese security firm Kunlun Lab, who took home $654,500, a third of the total purse.

Image: Tianfu Cup

The competition, now at its fourth edition, took place using the now-classic rules established by the Pwn2Own hacking contest.

In July, organizers announced a series of targets, and participants had three-to-four months to prepare exploits that they would execute on devices provided by the organizers on the contest’s stage.

Researchers had three 5-minute attempts to run their exploits, and they could register to hack multiple devices if they wished to increase their winnings.

Image: Tianfu Cup

This year’s edition included a list of 16 possible targets and was one of the Tianfu Cup’s most successful editions, with the 11 participants mounting successful exploits against 13 targets.

The only ones that were not hacked included Synology DS220j NAS, Xiaomi Mi 11 smartphone, and a Chinese electric vehicle whose brand was never revealed — for which no participant even registered to attempt an exploit.

On the other hand, successful exploits were mounted against nearly everything else, as follows:

Windows 10 – hacked 5 timesAdobe PDF Reader – 4 timesUbuntu 20 – 4 timesParallels VM – 3 timesiOS 15 – 3 timesApple Safari – 2 timesGoogle Chrome – 2 timesASUS AX56U router – 2 timesDocker CE – 1 timeVMWare ESXi – 1 timeVMWare Workstation – 1 timeqemu VM – 1 timeMicrosoft Exchange – 1 time

Image: Tianfu Cup

Most of the exploits were privilege escalation and remote execution bugs; however, two exploits presented at the Tianfu Cup this year stood out.

The first was a no-interaction remote code execution attack chain against a fully patched iOS 15 running on the latest iPhone 13. The second was a simple two-step remote code execution chain against Google Chrome, something that has not been seen in hacking competition in years.

The iPhone 13 Pro Safari escaped from prison remotely, and Chian Pangu won the highest single bonus of $300000 in history.🎉🎉@mj0011sec pic.twitter.com/rrCa1cGcnN

— HBS (@765075247Hbs) October 16, 2021

First confirmed entry for day1 of TianfuCup, Kunlun Lab @S0rryMybad pwned Google Chrome to get Windows system kernel level privilege with only two bugs. First time since 2015 as I remembered https://t.co/xy1dTzl1GV

— mj0011 (@mj0011sec) October 16, 2021

But while the Tianfu Cup hacking contest will take all the news headlines in the coming days, the event also included a separate trade show and cybersecurity conference, which this year was keynoted by Qi Xiangdong, chairman of security firm QiAnXin, and also included sections dedicated to smart vehicle security, IoT security, artificial intelligence security, and smart city security.

However, all eyes were on this year’s competition for another reason, namely that one of the iOS exploits showcased at last year’s competition was used in a cyber-espionage campaign carried out by the Beijing regime against its Uyghur population.

The discovery came to reinforce the belief among western security experts that Beijing forbade Chinese security researchers from participating in hacking contests held abroad back in 2017 in order to better harness their exploit-creating capabilities for its own operations.

The post Windows 10, iOS 15, Ubuntu, Chrome fall at China’s Tianfu hacking contest appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[ThreatPost] Carnival Cruise Cyber-Torpedoed by Cyberattack

All posts, ThreatPost

This is the fourth time in a bit over a year that Carnival’s admitted to breaches, with two of them being ransomware attacks. Source: Read More (Threatpost)

Read More

[SecurityWeek] Sophisticated Noberus Ransomware First to Be Coded in Rust

All posts, Security Week

Symantec researchers have analyzed what appears to be the first ransomware family written in the Rust programming language. read more Source: Read More (SecurityWeek RSS Feed)

Read More

[HackerNews] BIMI: A Visual Take on Email Authentication and Security

All posts, HackerNews

There is a saying that goes something like, “Do not judge a book by its cover.” Yet, we all know we can not help but do just that – especially when it comes to online security. Logos play a significant role in whether or not we open an email and how we assess the importance […]

Read More