Hackathons happen to be an all-out favorite for the cybersecurity industry for their renewed sense of competing in real-time – testing your skillset against the best. Pwn2Own, one such yearly conference kicked off today in Tokyo with teams competing in exploiting bugs in the systems of well-reputed companies.
Pwn2Own follows an infrastructure in which if participants are successful, prize money is awarded along with certain points that contribute to the conference’s internal ranking system that decides winners at the very end.
Amidst all, one team going by the name of Fluoroacetate managed to gain major victories. It is worth mentioning that Fluoroacetate has a history of sophisticated hacks at Pwn2Own ultimately making them champions at Pwn2Own 2019 and Pwn2Own 2018 where the team hacked Xiaomi Mi 6, Samsung Galaxy S9, iPhone X, Apple Safari and Mozilla Firefox browser.
Moving on, they compromised the Samsung Q60 Smart TV bagging $15000 once again along with a couple of points, the Xiaomi Mi9 Smartphone cashing in $20,000 & 2 points and finally the king of Android, the Samsung Galaxy S10 which brought in $30,000 and 3 points.
All of these hacks in their entirety have earned them $145,000 & 15 points signaling preservation of the reputation that it has set as the winner of the last 2 contests as well in previous years.
That brings #Pwn2Own Tokyo 2019 to a close. Congrats to @fluoroacetate on successfully defending their Master of Pwn title. In two days, they racked up $195,000 for their research. Congrats! pic.twitter.com/q5OezDzqzY
— Zero Day Initiative (@thezdi) November 7, 2019
To add to this, it is worth mentioning that other teams also achieved some notable feats. Among them was FSecureLabs who also compromised Xiaomi’s Mi9 and Team Flashback who compromised TP-Link’s AC1750 router along with NetGear’s Nighthawk router.
Watch Pwn2Own Tokyo’s day one results:
This makes us wonder though, isn’t their a flaw in the way the cybersecurity departments of these companies operate given that they haven’t tested potential exploits within their products? Certainly and this happens every year. Last year, flagship smartphones such as the iPhone X and the Samsung Galaxy S9 were compromised at the very same conference as well.
However, the way the competition works revolves around bug bounty programs offered by these very companies so that they can continue to protect their products with monetary incentives. As an example, all bugs and flaws that will be found by every team in the entire conference will be handed over to Zero Day Initiative – the organizers of the event – who eventually pass them on to the respective companies.
With the conference making its way on to the second day tomorrow, we expect to see more action and dollars rolling in!