Samsung Galaxy S21 Hack, $1 Million Hackers, Pwn2Own, 61 Security Bugs



Just weeks after hackers successfully breached iOS 15 security measures and hacked an Apple iPhone 13 Pro, it is now the turn of Samsung’s current flagship smartphone, the Galaxy S21, to feel the heat from hackers.

Unfortunately, like the iPhone 13 Pro before it, the Galaxy S21 has been hacked not once but twice. Indeed, in just a few days, hackers were able to demonstrate a total of 61 unique zero-day security vulnerabilities across a range of products and earn a whopping $1,081,250 in the process. Here’s how it all went.


Over the weekend of October 16-17, Chinese hackers participating in the annual Tianfu Cup hack challenge were able to bypass Safari’s security protections and achieve remote code execution on an iPhone 13 Pro running iOS 15.0.2, which was fully patched at the time. Additionally, another team of hackers jailbroke the same flagship device using a “one-click” attack.

The Tianfu Cup came about after the Chinese government banned China’s elite ethical hackers from participating in international competitive hacking events where zero-day exploits are demonstrated. Zero-day exploits target a vulnerability unknown to the vendor and, therefore, cannot be stopped immediately.

The most popular hacking event is Pwn2Own (pronounce the ‘pwn’ bit like the ‘own’ bit, you’re welcome), hosted by Trend Micro’s Zero Day Initiative, ZDI, and held twice a year in North America.

Pwn2Own Hackers Use Exploit Chains to Hack Samsung Galaxy S21

The last Pwn2Own event took place in Austin, TX from November 2-5, and it was here that the Samsung Galaxy S21 smartphone fell into the hands of hackers. Twice.

It would have been three times, but one of the hacking teams was unable to successfully execute their zero-day exploit within the allotted time.

However, on Wednesday, November 3, the STARLabs team used a chain of exploits to successfully attack the Samsung Galaxy S21. Officially, this was categorized as a “collision” rather than an outright success, as this attack chain included a vulnerability already known to Samsung rather than being a full zero-day chain.

On Thursday, November 4, Sam Thomas, research director at Pentest Limited, was able to get code execution on the Samsung Galaxy S21 using a three-bug chain that earned a full success label. It also earned the Pentest Limited team a cash prize of $50,000. The STARLabs team received $25,000 for their hacking efforts. Successful hackers also get to keep the affected devices, in what ZDI called ‘shipping of everything pwned to those who owned.’

Considering this is the second Pwn2Own hack event this year, if you combine the two, over $2 million has been awarded. When it comes to Pwn2Own Austin, there could only be one winner. Well, two if you count security in general. It was a close game between the top three hacking teams, with STARLabs third with 12 “Master of Pwn” points and winning $112,500. However, the top two were neck and neck, with DEVCORE in second with 18 points and $180,000 earned, just behind the Synacktiv team with 20 points and $197,500.

Where were all the “wow factor” hacking targets?

It is true that Pwn2Own Austin lacked wow factor targets, if not money, at least compared to the Tianfu Cup. Along with the Samsung Galaxy S21 smartphone, Pwn2Own also saw a Sonos One speaker fall (thus earning the Synacktiv team $60,000), but otherwise it was a bunch of routers and printers. Not that these products are not worth targeting, and once the impacted vendors fix the exposed vulnerabilities (they have 120 days before methodologies are publicly disclosed), users will be a little more secure. However, the Chinese event had a dramatic impact with Microsoft Windows 10 and Google Chrome being pwned.


Indeed, it was disappointing not to see any of the new iPhone 13s running iOS 15.1, or the latest Google Pixel 6, going through hacker inspection. I asked Brian Gorenc, senior director of vulnerability research and ZDI program manager at Trend Micro, why.

“When we announced the competition, we included the latest handsets available from each vendor,” Gorenc said. Since then, although Apple and Google both launched new smartphones, “these new models weren’t available to all of our researchers,” he explains, “so we continued with the hardware versions we had initially announced.” It’s still a shame to only see the Samsung Galaxy S21 being put to the test, it must be said.

While I had the opportunity, I also asked Gorenc about his view of the Tianfu Cup and the impact on Pwn2Own of the withdrawal of the hugely successful Chinese hacking teams.

“When the Chinese teams withdrew from our competition, we saw an initial drop in participation,” Gorenc said, “however, their exclusion actually opened the door for other researchers.” Indeed, he says Pwn2Own Austin is the biggest Pwn2Own event ever with “more than double the number of entries we are used to seeing”. On the contrary, he adds, “the lack of Chinese teams has made it possible for independent researchers and other teams to have their own success and to take the competition to heights that we did not expect.” Indeed, the discovery of no less than 61 unique zero-days seems to attest to this.

Gorenc wouldn’t be drawn into the more political debate surrounding China and the way it fences in its national hacking community when it comes to uncovering and disclosing zero-days. “We can’t talk about other contests, but at Pwn2Own, vendors receive full details of the exploit within minutes of demonstrating the bug on stage,” he says. “Pwn2Own seeks to strengthen platforms by revealing vulnerabilities and providing this research to vendors,” Gorenc said, concluding, “the goal is always to fix these bugs before they are actively exploited by attackers.”

I have contacted Samsung to find out when Galaxy S21 users can expect to see these vulnerabilities fixed and will update this article in due course.


