China’s Top Hackers Uncover Threats in iOS, Windows 10, and Chrome Among Many Others

Must Read

Elon Musk Added Over $100 Billion To His Net Worth In Just 1 Year, Leaves Jeff Bezos Behind

Jeff Bezos may the world's richest person in the world but it's Elon Musk who has been...

Elon Musk Overtakes Bill Gates And Becomes the 2nd Richest Person in the World

It's been a good week for Elon Musk and his electrical vehicle business Tesla. Earlier this week,...

Free Netflix In India From December: Netflix In A Pursuit Of New Subscribers

A month ago, we reported how Netflix might be brewing something interesting that could lead to a free...

In the third edition of China’s national ethical hacking contest, the Tianfu Cup, the country’s top hackers uncovered and exploited existing but unknown threats and vulnerabilities in the software of widely used software products including iPhone, Microsoft Edge, Google Chrome, etc.

Ethical hacking contests might come as a surprise to some. Such contests are held both nationally and internationally. They can be a component of Capture The Flag events, in which hacking (breach or exploitation) is one aspect of the challenges presented, or can be bug bounty programs, like the Tianfu Cup.

The contest spanned over two days taking up the first full weekend of November. A total of 15 teams participated, including several teams from Qihoo 360, a Chinese tech giant that has an excellent track record when it comes to such competitions.

Advertisements

All contestants were given 3 tries of 5 minutes each to target a software of their choice with an exploit they had engineered themselves. In total, there were 16 targets the teams had picked, out of which 11 were successfully hacked into.

On the first day, most contestants carried out exploits against major browsers. These included Google Chrome, Microsoft Edge, and Safari. Vulnerabilities were also found in Microsoft Office 360 and Adobe PDF Reader.

On the second day, Adobe PDF Reader was exploited twice more. Additionally, this was a day where many notable operating systems were also targeted successfully. This included Ubuntu. However, the most noteworthy out of the exploits were breaches into iOS 14 on an iPhone 11 Pro and VMWare, a cloud storage system.

Considering the fact that iOS and VMWare are known as one of the highly secured products, these two break-ins bagged the biggest prizes. The prize money for the iOS hack and VMWare hack was $300,000 and $200,000 respectively.

The grand total of the bonuses given out to participants came up to $1.2 million. The largest sum of money out of this went to the team from Qihoo 360, whose total earnings were $744,500. In second place was Ant-Financial Light-Year Security Lab which won $258,000. The third-largest winnings were made by Pang, a security researcher, who single-handedly earned $99,500. At the same time, some teams could not win anything at all.

Advertisements

Patching Vulnerabilities Found by Ethical Hackers

The purpose of such competitions is not simply to hold some sort of cyber-sports for engineers and technicians. They are arenas for bringing together massive potential and human resource to strengthen the web of vulnerabilities software is rife with instead.

All vulnerabilities found in such competitions are reported to the companies in question. They are also notified in advance of the possibility of a breach taking place. The Tianfu Cup’s protocol is no different and patches for the reported vulnerabilities are expected to be released in the coming week.

While these events act as learning experiences for people involved in software engineering all over the world and are great places to win handsome cash prizes, they also serve a direct agenda for tech companies.

It is not uncommon for companies to hold bug bounty programs for their own products. This allows hackers from various different backgrounds and approaches to study the code on which a company’s software runs and allows for a diverse outside perspective into flaws in the existing code.

Facebook launched one such bounty program in 2018. In 2016, Apple also launched a similar program to identify flaws in the Apple operating systems and related software. Similarly, Google also has a bounty program, as a part of which it rewarded an Uruguayan teen $36,000 for blowing the whistle on a vulnerability.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest News

Amazon Future Group Dispute Deepens As Singapore Court Turns Down Future Group Plea

The dispute between Amazon and Future Retail is, apparently, far from over anything soon as the Singapore...

Google Pay Fee On Instant Transfer: An Indication Of Google’s Aggressive Monetisation Strategy?

Google has decided to levy fee on instant payment, starting from the US market. A few days back, Google...

Twitter Account Verification Is Back, But Has it Lost Its Mojo?

Twitterati queue up! As the Twitter account verification process which is responsible for awarding blue badges prepares to...

Paytm Lawsuit Impact: TRAI Slaps Fine On Jio, Airtel, BSNL And Other Telcom Operators

The emergence of e-wallets brought along with itself a big uprise in notorious phishing scammers who prey on unsuspecting consumers by pretending...

MobiKwik Takes A Dig At Paytm After The Recent App Ban

The ongoing China-India border tension is resulting in more apps getting banned, and every time that happens the Indian startup unicorn Paytm...

India Bans 43 More Apps As Indo-China Feud Continues

The latest move of the Indian Government has proved that Chinese-origin apps won’t catch a break any time soon.Today, the GOI, Under...

In-Depth: Dprime

Will ‘TikTok By Microsoft’ Be A Winner?

For the last two years, TikTok has been in the public eye for all sorts of reasons. First, it was the exploded...

Facebook Subscription Model: Looking Beyond Ad Dollars?

Seldom do job listings create a stir this gripping. However, when the job listing in question is a stealth post from Twitter,...

Will The Online Food Delivery Market in India End Up Becoming A Two-Horse Race?

It's pretty much evident that the food delivery space in India is all set to get riled up soon enough as one...

More Articles Like This