Windows 10, iOS 15, Ubuntu and Chrome hacked in Chinese hacking contest ‘Tianfu Cup’


In the Tianfu Cup, China’s largest and most prestigious hacking contest, Chinese security researchers hacked the world’s most popular software and won $1.88 million.

The contest, held in Chengdu over the weekend of October 16 and 17, 2021, was won by researchers from the Chinese security firm Kunlun Lab, who took home $654,500, one-third of the total prize pool.

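赛博昆仑 (Cyber Kunlun) is a new-generation cyberspace security company focused on software and system security. The company has a team of senior security experts who have worked in the network security field for decades, with extensive experience and world-leading technical results and capabilities in software and system security, cloud security, and security offense, defense and adversarial operations. The company is committed to providing customers in government, finance, telecom operators, education, healthcare, the internet and other industries with the world's most cutting-edge, future-oriented advanced network security products, solutions and services.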

Held for the fourth time, the competition followed the now-standard rules established by the Pwn2Own hacking contest.

The organizers announce a series of targets in July, and participants have three to four months to prepare their exploits, which they then run on devices provided by the organizers on the contest stage.

Researchers get three 5-minute trials, and they can take on multiple device hacking challenges if they want to increase their winnings.

This year’s competition had 16 targets, and 11 participants mounted successful exploits against 13 of them, making it one of the most successful Tianfu Cup competitions.

The targets not hacked were a Synology DS220j NAS, a Xiaomi Mi 11 smartphone, and an unbranded Chinese electric car; no participant even registered to attempt an exploit against them.

On the other hand, exploits succeeded against almost everything else, as shown below.

Windows 10 – 5 times
Adobe PDF Reader – 4 times
Ubuntu 20 – 4 times
Parallels VM – 3 times
iOS 15 – 3 times
Apple Safari – 2 times
Google Chrome – 2 times
ASUS AX56U Router – 2 times
Docker CE – 1 time
VMware ESXi – 1 time
VMware Workstation – 1 time
qemu VM – 1 time
Microsoft Exchange – 1 time

Although most of the exploits were privilege escalation or remote code execution attacks, two exploits presented at this year’s Tianfu Cup stand out.

The first is a no-interaction remote code execution attack chain against a fully patched iOS 15 running on the latest iPhone 13.

The second is a simple two-step remote code execution chain targeting Google Chrome, which is something we haven’t seen in hacking competitions in the last few years.

This year’s competition was particularly noteworthy because one of the iOS exploits presented at last year’s competition was used in the Beijing regime’s cyber espionage against the Uyghurs.

Western security experts increasingly believe that China banned Chinese security researchers from participating in hacking contests held abroad in 2017 in order to better use their exploit-making abilities for its own operations.
