Tag Archive for: PWN2OWN

Hackers Score Nearly $1M at Device-Focused Pwn2Own Contest

/in


Security researchers and hackers demonstrated 63 zero-day vulnerabilities in popular devices at the latest Pwn2Own, exploiting printers from Canon, HP, and Lexmark, and routers and network-attached storage device from Synology and Netgear.

According to Trend Micro’s Zero Day Initiative (ZDI), which organized the competition last week, the collection of vulnerabilities earned $989,750 for the offensive cybersecurity specialists competing in the contest. While some attacks chained together a series of exploits to take control of the remote devices, including one that used five vulnerabilities, others found a single security weakness to target, such as the Pentest Limited team, which found a reliable single-click exploit in the Samsung Galaxy S22 mobile phone that required less than a minute to attack.

The Samsung exploit highlighted that significant vulnerabilities are out there to find, says Dustin Child, head of threat awareness at Trend Micro’s Zero Day Initiative.

“Just click a link on an affected device and you get owned,” he says. “It’s a very reliable bug, too. Very impressive research and quite the effective demonstration of why clicking unknown links can be dangerous.”

Focusing on IoT and Mobile

Pwn2Own started in 2007 as an annual contest connected with the annual CanSecWest conference, but has since branched out into two contests: one focused on computer operating systems and applications, and the other — which includes the latest contest — focused on devices and the Internet of Things.

Over the four days of the contest, offensive cybersecurity specialists discovered a significant number of vulnerabilities in printers and routers from major brands, but also targeted Bluetooth speakers and network-attached storage, ZDI stated in a summary of the contest results.

Because many of the devices are commonly used by small and medium-sized businesses (SMBs), companies should take the results of the competition as a warning, Child says.

“If anything, SMBs should understand that, while they may feel they aren’t large enough to be a target, their devices can and will be targeted by threat actors,” he says. “At [this] time, the attackers are just looking to add nodes to their botnet,…

Source…

ICS Exploits Earn Hackers $400,000 at Pwn2Own Miami 2022

/in


ICS Pwn2Own 2022

Pwn2Own Miami 2022, a hacking contest focusing on industrial control systems (ICS), has come to an end, with contestants earning a total of $400,000 for their exploits.

The contest, organized by Trend Micro’s Zero Day Initiative (ZDI), saw 11 contestants demonstrating their exploits in the OPC UA Server, Control Server, Human Machine Interface, and Data Gateway categories.

Participants targeted products from Unified Automation, Iconics, Inductive Automation, Prosys, Aveva, Triangle MicroWorks, OPC Foundation, Kepware, and Softing.

A majority of the 32 hacking attempts were successful — two failed and eight involved previously known bugs. These “bug collisions” still earned participants $5,000 for each attempt.

The white hat hackers who attended the event earned either $20,000, typically for remote code execution vulnerabilities, or $5,000, for DoS vulnerabilities. There was only one exception. The Computest Sector 7 team earned $40,000 for successfully bypassing the trusted application check on the OPC UA .NET standard.

This was the maximum amount that Pwn2Own participants could earn for a single exploit, and Computest’s attempt involved what ZDI described as one of the most interesting bugs ever seen at Pwn2Own. In fact, the Computest team earned the most points and a total of $90,000.

In 2020, at the first edition of the ICS-themed Pwn2Own, participants earned a total of $280,000. This event was not held in 2021 due to the COVID-19 pandemic.

Pwn2Own Miami 2022 took place between April 19 and April 21 alongside the S4x22 ICS security conference.

Related: Serious Vulnerability Exploited at Hacking Contest Impacts Over 200 HP Printers

Related: Device Exploits Earn Hackers Over $1 Million at Pwn2Own Austin 2021

Related: $1.9 Million Paid Out for Exploits at China’s Tianfu Cup Hacking Contest

view counter

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Previous Columns by…

Source…

Routers, NAS and phones hacked in Pwn2Own competition

/in


Security researchers gathered in Austin, Texas, this week for yet another Pwn2Own hacking competition, racking up more than $1 million in rewards for their exploit demonstrations.

The latest edition of the iconic hacking contest has seen a specific focus on network-attached storage (NAS) boxes as well as routers, with mobile phones and printers also on the menu.

Among the more popular targets at the competition was the Cisco RV340 router, which was subjected to nine successful or “collision” attacks that used previously known flaws, with one more attempt failing to execute. Researchers were able to break into the networking appliance using both known and unknown security vulnerabilities.

Also popular with hacker contestants was the Western Digital My Cloud Pro Series PR4100 NAS box. The storage device was the subject of nine successful or collision hacks.

Topping the contest was the team from security firm Synactiv, who managed to rack up $197,500 in payouts and 20 “Master of Pwn” points.

Second in the rankings was the Devcore trio of researchers Orange Tsai, Angelboy and Meh Chang, who showed off six successful attacks and claimed a total of $180,000.

The achievement continued a busy year for Orange Tsai in particular. In late 2020, they discovered and reported the ProxyLogon flaws in Microsoft Exchange Server, which were exploited by nation-state hackers prior to being patched. In August, the researcher took to the stage at Black Hat 2021 to discuss their discovery of ProxyShell Exchange bugs, which had been disclosed and patched in April.

Printers were also targeted in the event. Ten different entries were launched against either the Canon ImageCLASS MF644Cdw or Lexmark MC3224i. The ZDI noted that when researchers from Synactiv demonstrated a heap overflow attack against the MF644Cdw, it marked the first successful printer hack in the competition’s history.

The contest ended on Friday with researchers from NullRiver successfully exploiting two flaws in the Netgear R6700v3 router. The ZDI says that it paid out $1,081,250 in rewards over the four-day competition and received 60 new zero-day vulnerabilities.

Not every device put in the crosshairs has been successfully…

Source…