In the Pwn2Own hacking contest held in Tokyo, Japan, the white hat hacking team, codenamed Fluoroacetate, has continuously attacked various equipment of many manufacturers. The purpose of the hacking contest is to demonstrate vulnerabilities in widely used devices and software, and the vulnerabilities found in the game will be forwarded to the organizer. The event organizer will transfer the vulnerability to the relevant manufacturer to allow the manufacturer to fix the vulnerability, thereby improving the overall security of the device or software.
Finally, the team also used undisclosed vulnerabilities to break through the Samsung Q60 smart TV ($15K, 2 points), Xiaomi Mi9 smartphone ($20K, 2 points), and Samsung Galaxy S10 ($30K, 3 points). On the first day of the hacking contest, the Fluoroacetate team received up to $145,000 in rewards and 15 PWN points, which is far ahead of other teams.
After the end of the hacking contest, there was no surprise that the Fluoroacetate team continued to win the championship. This is the third consecutive year that the team has won the PWN master in the hacking contest.
The Fluoroacetate team received a total of $195,000 in rewards and 18.5 points. After the contest, the organizers presented the trophy to recognize the team’s contribution. On the other team side, new participant Flashback received a $50,000 reward, and the team of security company F-Secure Labs received a $70,000 award. In all the test equipment, the researchers found a total of 18 security vulnerabilities, and the event organizers provided a total of $315,000 in rewards for these vulnerabilities.
After the event, the related vulnerabilities have been transferred to the on-site manufacturer response personnel who have 90 days to issue a patch fix.