iPhone falls at Pwn2Own

According to Zero Day Initiative, an initiative founded by TippingPoint which organizes the security competition Pwn2Own, the iPhone has been successfully exploited within minutes of the competition starting.

According to Zero Day Initiative, an initiative founded by TippingPoint which organizes the security competition Pwn2Own, the iPhone has been successfully exploited within minutes of the competition starting.

The news was released via Twitter a few moments ago:

Vincenzo Iozzo and Ralf Philipp Weinmann successfully exploit the iPhone via Safari! Their payload pulled the SMS database.

The hack seems to have taken less than 10 minutes to pull off. The iPhone was a 3GS model and was running iPhone OS 3.1.3.

Note: Details on all the exploits used at Pwn2Own will be shared by contest organiser TippingPoint with the relevant vendors, allowing patches to be developed.

In order to compromise the iPhone the contestants exploited a zero day Safari vulnerability with a payload which retrieved the text messages from the device.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All