Chinese hacking contest reveals weakness in iPhones, Windows and more

Operating systems and software are put through thorough testing before public release. That doesn’t mean flaws don’t fall through the cracks. Hackers can exploit some of those flaws, forcing the developer to issue a quick update to patch them.

It is also uncommon for people who don’t work in the cybersecurity industry to discover these flaws. After all, security professionals have made it their job to root out vulnerabilities.

So, when a hacking contest in China revealed significant problems in popular tech, it was a stark reminder that our devices are always at risk.

Here’s the backstory

The Tianfu Cup competition is held annually in China, and this year it tasked participants with hacking into some of the most commonly used tech. It’s a cybersecurity summit aiming to highlight vulnerabilities in systems while also serving as an educational and awareness platform.

The event includes lectures and cybersecurity demonstrations, but the main attraction gives ethical hackers a chance to show off their skills. Participants of the hacking competition were given 15 targets to complete, with the winner walking away with some cash prizes.

Some of the target systems or apps were:

  • Google Chrome
  • Apple’s Safari
  • Adobe PDF Reader
  • Ubuntu 20/CentOS 8
  • Microsoft Exchange Server 2019
  • Windows 10
  • iPhone 13 Pro

Each assigned target system had a specific vulnerability that the hackers had to breach. If someone managed to perform a Remote Code Execution on an iPhone 13 Pro, they would be $120,000 richer. Perform a remote jailbreak, and the winner gets $300,000.

Hacking for the big prize

The most shocking thing the hackers found was that all but three of the 15 systems or devices suffered a successful hack.

This includes:

  • Using Safari to browse a remote URL and gain control of the browser or the system.
  • Running a specific program as an unprivileged user in Ubuntu to escalate privileges and run a command as root.
  • In Windows 10, running a certain program as an unprivileged user to escalate privileges and run…