Samsung Galaxy S22 is hacked!! However, this hacking wasn’t conducted by the external malicious threat actors. This year, at the Pwn2Own competition in Toronto, Canada, the world’s best hacking teams managed to hack Samsung Galaxy S22 smartphone twice on the first day and once on the second day.
At Pwn2Own Toronto for 2022, a hacking team named STAR Labs made three attempts to execute their improper input validation exploit against the Samsung Galaxy S22. This S22 device was fully patched with security updates, running the latest operating system and firmware. Interestingly, STAR Labs was awarded $50,000 (roughly Rs 41 lakh) for being the first team to successfully exploit a zero-day vulnerability in a smartphone.
On the first day, another hacking team named Chim carried out an incorrect input validation attack on the Samsung Galaxy S22, and succeeded on the second attempt. The Chim team was awarded a $25,000 (roughly Rs 20 lakh).
This zero-day exploits twice on the same day has, once again, put a question mark on the data security of Android smartphone users.
On second day of Pwn2Own Toronto 2022, the 3rd hacking team named Interrupt Labs was able to execute their improper input validation attack against the Samsung Galaxy S22. They were also received $25,000 (roughly Rs 20 lakh).
In addition to the prize money, each team received 5 Master of Pwn points.
Samsung‘s sole purpose to expose its latest flagship Galaxy S22 to hackers at the “Pwn2Own Toronto 2022” event is to discover security flaws in the device before the malicious threat actors cause any harm to users.
Last year, at the Pwn2Own hacking competition in Austin, Texas, the Samsung Galaxy S21 was hacked twice in matter of just 48 hours.
What is Pwn2Own?
Some of you must be wondering what is Pwn2Own and who organises it every year?
The Pwn2Own bug bounty competition hosted by Trend Micro’s Zero-Day Initiative (ZDI), was launched on July 25, 2005. It brings some of the world’s best hacking teams under one roof, in order to exploit various devices using ‘zero-day’ vulnerabilities. These elite hacking bounty hunters and security researchers compete against the clock, and each other, for global recognition as well as financially rewards.