Welcome to Mobile Pwn2Own 2016

Greetings from Tokyo where the 2016 Mobile Pwn2Own competition has begun! For this year’s edition, two separate contestants registered to target five specific targets through the day. We’ve also chosen specific tasks of technical excellence we are expecting, and we’re hoping to see a bit of flair go with it. Each successful exploit earns points, and additional style points may also be obtained for resilience, persistence, and system-level code execution. The researcher with the most points at the end of the conference will be crowned Master of Pwn and acquire this nifty smoking jacket!

The random drawing for positions has completed and here is the order for today’s competition (all times JTZ [UTC+9]):

10:00 Attempt #1 – Tencent Keen Security Lab Team targeting Google Nexus 6P with a rogue application installation.

– Potential payout (excluding Master of Pwn points): $100,000 USD

SUCCESS: Keen Labs uses two different bugs combined with other weaknesses in Android to install their rogue application on the Nexus 6P. They did it twice more to earn strength, stealth, and sniper style points. End result: $102,500 and 29 Master of Pwn points.

12:00 Attempt #2 – Tencent Keen Security Lab Team targeting Apple iPhone 6S with a rogue application installation.

– Potential payout (excluding Master of Pwn points): $125,000 USD

14:00 Attempt #3 – Robert Miller and Georgi Geshev from MWR Labs targeting Google Nexus 6P with a rogue application installation.

– Potential payout (excluding Master of Pwn points): $100,000 USD

16:00 Attempt #4 – Tencent Keen Security Lab Team targeting the Apple iPhone 6S with a sensitive information disclosure (photo leak).

– Potential payout (excluding Master of Pwn points): $50,000 USD

Total potential payout: $375,000 USD (plus any Master of Pwn bonuses)

Although we initially stated only the first contestant to complete a challenge would get the full payout for each category, we’ve decided to award the full payout for each successful attempt regardless of order. To compromise a target during the contest, a contestant is allotted three attempts during a 20-minute time slot to complete the exploit. Each of these attempts will be limited to five minutes. An attempt must be launched from the target under test by either browsing to the malicious content in the default browser or by viewing or receiving a malicious MMS/SMS message. The full rules can be found here.

We’ll continue to update this blog with the outcomes as they occur and are confirmed. Also note that all times are subject to change without notice, so follow us on Twitter for the latest developments.

You can find out more information about Pwn2Own and the ZDI program by following http://blog.trendmicro.com/.
