Richard Zhu and Amat Cama, two white hat hackers, recently teamed up at the Mobile Pwn2Own contest in Tokyo and ended up earning a $60,000 prize after finding an iPhone exploit, according to a blog post on the Zero Day Initiative website.
The duo used a Safari weakness on an iPhone X running iOS 12.1 to retrieve a photo that had recently been deleted from the device. The hackers used a malicious Wi-Fi access point to exploit a just-in-time (JIT) compiler vulnerability.
[youtube https://www.youtube.com/watch?v=IaTRdIi3-0s&w=560&h=315]
The exploit the two hackers discovered can also be used to access additional files beyond deleted photos; the deleted photo just happened to be the first file the two came across and so it was used as a demonstration.
Next up, Amat and Richard returned to the Short Distance category. This time, they were targeting the iPhone X over Wi-Fi. They used a pair of bugs – a JIT vulnerability in the web browser followed by an Out-Of-Bounds write for the sandbox escape and escalation. The successful demonstration earned them $60,000 USD more and 10 additional Master of Pwn points. This ends their first day of competition with $140,000 USD and a commanding lead for the Master of Pwn with 31 points.
With the prize money and points awarded from the iPhone vulnerability along with other exploits shown off at the event, Zhu and Cama won the “Master of Pwn” title.
Apple has been informed of the vulnerability and will likely address it in an upcoming iOS update.
Discuss this article in our forums
