Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Security Strategy, Plan, Budget, Vulnerability Management, Incident Response, TDR, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

New mobile exploits demonstrated at Pwn2Own event


At information security conference PacSec 2013 in Tokyo, two teams have accepted rewards for demonstrating exploits against cell phones in the Mobile Pwn2Own 2013 contest sponsored by HP.

Japanese squad Team MBSD, of Mitsui Bussan Secure Directions, Inc., collected $40,000 for installing malware and collecting personal data on the Android-powered Samsung Galaxy S4. The group lured a user to a malicious website, gained system-level privileges and installed applications that allowed the team to gather information, including SMS messages, contacts and browsing history.

Keen Team, a Chinese squad from Keen Cloud Tech, took $27,500 for demonstrating two exploits against Safari on the iPhone 5. The group captured Facebook credentials on iOS 7.0.3 by stealing a Facebook cookie via social engineering, and also stole a photo on iOS 6.1.4.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.