Hackers gathered in Tokyo during the first week of November 2019; they were there to **bleep** stuff and make money. They succeeded, and then some. The “stuff” successfully hacked during the Pwn2Own Tokyo event included an Amazon Echo Show 5, a brace of smart TVs, some routers and the Xiaomi M9 smartphone. Oh yes, and the Samsung Galaxy S10. Twice.
Pwn2Own is a hacking event that started in 2007 and is now held twice every year. The hacking teams taking part are comprised of some of the leading security researchers, or “white hat” hackers, from around the world. They aim to “pwn” specific devices, in competition against each other. Pwning is defined as “utterly defeating” someone in a video game or, in this case, a something. Once a device has been pwned, the hackers can then claim to “own” it, and they demonstrate this ownership by doing things they shouldn’t be able to, such as exfiltrating data or installing malware. In Tokyo, the competition organized by Zero Day Initiative, saw hackers taking part win a total of $315,000 (£246,000) for their efforts in disclosing 18 different “zero-day” vulnerabilities. These vulnerabilities are then reported to the vendors of the pwned devices, with a 90-day timescale to fix the security issues before they are publicly disclosed. Every successful exploit at Pwn2Own earns points as well as cash for the hacking teams taking part. The team with the most points is crowned “Master of Pwn.” For the third year in succession, that title has gone to Team Fluoroacetate.
Who is Team Fluoroacetate?
Team Fluoroacetate is the highly successful hacker pairing of security researchers Richard Zhu and Amat Cama. At the Pwn2Own Vancouver event held during March 2019, Team Fluoroacetate managed to **bleep** a Tesla Model 3 car to exploit the infotainment system and display a message. They also pwned the Apple Safari, Microsoft Edge, and Mozilla Firefox web browsers at the same event. Their prize winnings from Vancouver totaled $375,000, and the Tesla Model 3 they had managed to **bleep**. They also won the Master of Pwn title, as they had at the previous event.
How was the Samsung Galaxy S10 hacked?
There has been a lot of attention paid to the hacking of any smartphone fingerprint security, and the Samsung Galaxy S10 itself hasn’t escaped the claims of fingerprint scanner hacking. This is hardly surprising given that new biometric technology could be featured, quite literally, front and center in the yet to be released Samsung Galaxy S11.