Hacking is an essential part of every day’s security. Don’t you believe it? Well, offense is the best defense. You have to know how to steal before you can stop a thief. In the world of cybersecurity, hacking plays an important part as it allows a company learn about the flaws of its system and make a better product each time.
The biggest hacking contest of all times – Pwn2Own – recently took place. For the first time in the history of Pwn2Own, Microsoft and VMware sponsored the contest, allowing the total prize to be $2,000,000! This contest is a great way to inspire white-hat hackers to test out systems and make their contributions to a better security. This year, the total prize money hackers took home is $267,000 which is lower than the amount of previous years.
This year, the winner of Pwn2Own is Richard Zhu by earning 12 points for hacking Edge and Firefox browser. He alone took home $120,000. The security researchers were permitted to keep the laptop they tried to exploit. Other apps like VirtualBox, VMware Workstation, Microsoft Hyper-V Client, Chrome, Safari, NGINX, OpenSSL etc. were available for hacking. The highest prize ($250,000) was for hacking Microsoft Hyper-V – a sandbox escaping to hypervisor or kernel. Microsoft Edge was already known as a vulnerable browser.
The contest was organized by ZDI (Zero Day Initiative) from Trend Micro who sent all the vulnerabilities from the event to the vendors with a 90-days deadline. In the event, Safari, Firefox & Edge got hacked successfully. Hackers were also able to hack VirtualBox partially.
Here are the results of the 2 days of Pwn2Own 2018.