Stories
Slash Boxes
Comments

SoylentNews is people

Work from Home Pwn2Own Hackers Make $130,000 in 48 Hours from Windows 10 Exploits

posted by janrinok on Monday March 23 2020, @11:35PM   Printer-friendly
from the easy-money dept.

upstart writes in with an IRC submission for SoyCow420:

Work From Home Hackers Make $130,000 In 48 Hours From Windows 10 Exploits:

Those of you who follow my reporting may already be familiar with Pwn2Own, a series of hacking events that test some of the most talented hackers across the world. These elite security researchers have been trying to exploit popular software, hardware and services since 2007 in exchange for the kudos. And money. Lots of money. In November 2019, during the Pwn2Own Tokyo event, a total of $315,000 (£270,300), including one hacking group which earned $80,000 (£68,500) for hacking the Samsung Galaxy S10. Twice. That hacking group was Team Fluoroacetate, Amat Cama and Richard Zhu, who ended up earning a total of $195,000 (£167,000) and the coveted "Master of Pwn" title by the time the event was over. It looked like these master hackers wouldn't be able to defend that title as coronavirus travel restrictions, and fear of infection, threatened to cancel the Pwn2Own 2020 event taking place at the CanSecWest cybersecurity conference in Vancouver, Canada.

They need not have worried, as the event went virtual for the first time. This involved the various hackers submitting exploits in advance to the Pwn2Own organizers, who then ran that code during a Zoom live stream involving all the participants. The Zero Day Initiative that runs the Pwn2Own event said: "The world right now is a tumultuous place full of uncertainty. It is communities, such as the security research community and the incident response community, that we can rely on during these trying times. We are so appreciative of all those who helped the event come together and succeed."

The work from home hackers from Team Fluoroacetate certainly succeeded, winning the Master of Pwn title once again, along with that $130,000 bounty. While the full details of how they exploited Windows 10 and Adobe Reader will not be made public for 90 days to allow the vendors to produce security patches, I can tell you what they did in broad terms.

For the curious, here is Wikipedia's entry on sodium fluoroacetate, a poisonous substance with no known antidote.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Work from Home Pwn2Own Hackers Make $130,000 in 48 Hours from Windows 10 Exploits | Log In/Create an Account | Top | 2 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)

  • (Score: 3, Funny) by bmimatt on Tuesday March 24 2020, @04:24AM

    by bmimatt (5050) on Tuesday March 24 2020, @04:24AM (#974776)

    Working from home is simply more efficient, without the marketing drones flying by your cube with their endless chatter.

  • (Score: 2) by DannyB on Tuesday March 24 2020, @03:26PM

    by DannyB (5839) on Tuesday March 24 2020, @03:26PM (#975021) Journal

    Hackers agree. Windows has lower total cost of Pwnership.

    Microsoft Windows. Recommended by hackers everywhere. It has the quality, security, and stability that you have come to expect from the Microsoft brand name.

    --
    If you eat an entire cake without cutting it, you technically only had one piece.
(1)