When Google Pixel Phone Got Hacked Within a Minute

Must Read

Skeletons in the Closet? Google-Facebook Involved in Secret Online Advertising Deal

If you can’t beat ‘em, join ‘em. And when two titans happen to decide upon an alliance,...

Smartphone Resale Value: Depreciation Is Surprising Enough [REPORT]

It's a tad cliché and true that smartphones have permeated every sphere of our life. The ceaseless...

“Open Up Cambridge Analytica, It’s CBI At the Door!”

Among all the establishments ensnared in deplorable acts, Cambridge Analytica has steadily climbed the ladder of infamy....

Smartphones are an integral part of our day to day activities and carry valuable and private information. Thus, safety and security are of utmost concern for smartphone brands. At the PwnFest hacking competition in Seoul, South Korea, Google paid $120,000 (approx. Rs 84 Lakh) to the ethical hackers who humiliated Google by hacking the recently launched Google Pixel smartphone in less than a minute. The hackers were from Qihoo 360 who managed to gain remote access to the Pixel phone to exploit phone contacts, messages, photos, videos, emails and even card details. Google did not reveal the exact vulnerability, though, but they claim that the vulnerability has been patched and released in the next stable build. However, the act was nothing less than humiliation for Google which has invested millions of dollars in promoting Pixel phones as one of the most secured and best Android smartphones available nowadays.

But Qihoo 360 was not targeting only Google, they managed to hack into Adobe Flash in just 4 seconds and bagged another $120,000. They continued revealing vulnerabilities in Microsoft Edge on Windows 10 which made their total prize money sum up to $520,000 (approx. Rs. 3.5 crores). Another team of Chinese hackers who call themselves ‘Pangu’, hacked the Safari browser on MacOS Sierra in just 20 seconds which earned them $80,000 (approx. 54 Lakh) in cash.

Google Pixel Phone: Highly Vulnerable to Competition

Google is continuously working towards making its products and software secure and competent. With competitors like Apple iPhone and Samsung Galaxy S7 and S7 Edge, it is crucial for Google to make Pixel Smartphones an unmatched experience in terms of safety as well as user experience. The Pixel phone is company’s first premium smartphone which was launched on 4th October at a price range starting from $649 in the US and INR. 57,000 in India for the 32GB variant. With this premium pricing, the company cannot afford any flaws in the device to sustain in the market.

Advertisements

Google Vulnerability Rewards Program

As of June, Google has received 250 qualified vulnerability reports and paid over $550,000 to 82 individuals with an average of $6,700 per researcher. Google’s top researcher @heisecode has received $75,750 for 26 reports. Also, the company paid 15 researchers $10,000 or more for the reports.

Together, we made a huge investment in security research that has made Android stonger. We’ree just getting started and are looking forward to doing even more in the future, said Quan To, Program Manager, Android Security, Google.

Google had also announced to increase the reward prize from 1st June to encourage more participants. For a high-quality vulnerability report with proof of concept, Google has been paying 33% more. The company will pay 50% more for high-quality vulnerability report for evidence of concept, a Compatibility Test Suite (CTS) test, or a patch. The reward for a remote or proximal kernel exploit was raised from $20,000 to $30,000. Also, for a remote exploit chain or exploits leading to TrustZone or Verified Boot compromise, the reward was increased from $30,000 to $50,000. Increasing rewards is a good way to make the bug hunters more aggressive and active in finding and patching the vulnerabilities.

Fight Against the Threat of Hacking

The reward programs are not just for hackers but also for the consumers which encourage them to report their findings rather than exploiting them. To encourage this measure, companies like Microsoft, Oculus and PayPal have implemented reward programs of their own. Even Apple had started its bug bounty program since September, offering up to $200,000 for successfully pointing out bugs and security related issues in its devices. Apple also announced that the company would be mandating HTTPS connections for iOS apps from 1st January 2017. Even Twitter had paid a significant $322,420 in bounties for the same. Apart from the companies in the IT sector, companies from the automotive sector like Tesla Motors, General Motors, Uber, and Fiat Chrysler also launched such programs. Interestingly, even the US army announced ‘Hack the Army’ bug bounty program to find security flaws in their digital recruiting infrastructure.

Companies are leaving no stones unturned to uproot the vulnerabilities in their devices and software. Even after such major payouts and investment, hackers are successfully hacking into devices and software. This is affecting companies as well as the consumers largely. Companies are getting aggressively focused towards the bug bounty programs. Security is a primary concern in this digital era. Everything, from learning to transacting, is dependent on digital devices and system. Hence, any breach of security will raise the red flag immediately.

LEAVE A REPLY

Please enter your comment!
Please enter your name here
Advertisements

Latest News

Musk Attacks Bezos: Battle Over Space Real Estate Is Out In Open

The world’s two of the most prominent billionaires Elon Musk and Jeff Bezos have put on their...

The Increasing Sales of iPhone In India: Samsung And OnePlus Must Think Out Of The Box!

Despite all the challenges that were thrown at Apple, the Cupertino-based tech giant made the most out of the October-December period in...

India Is Ready To Bury TikTok, Forever!

Having faced months in the wilderness, it looks like TikTok and the Chinese app contingent are set to put out of their...

Apple, Social Casino Apps, And An Illegal Partnership: Minting Billions?

Getting sued is a frequent affair for Apple Inc. (NASDAQ:AAPL) and therefore it is no surprise when a new lawsuit against the...

Masayoshi Son Bids Adieu To SoftBank Telecom Unit For Something Big!

Masayoshi Son is bidding adieu to the domestic telecommunication unit that has long been central to his technology empire SoftBank Corp and...

Judgement Day For LG: Time To Bid Adieu To Smartphone Market!

When the going gets tough, the tough get going. But that doesn't seem to fit in case of LG Smartphone business.

In-Depth: Dprime

Will ‘TikTok By Microsoft’ Be A Winner?

For the last two years, TikTok has been in the public eye for all sorts of reasons. First, it was the exploded...

Facebook Subscription Model: Looking Beyond Ad Dollars?

Seldom do job listings create a stir this gripping. However, when the job listing in question is a stealth post from Twitter,...

Will The Online Food Delivery Market in India End Up Becoming A Two-Horse Race?

It's pretty much evident that the food delivery space in India is all set to get riled up soon enough as one...

More Articles Like This