A team of researchers has won $25,000 after breaking Knox’s security in less than a minute.
Every year, the city of Toronto hosts the Pwn2Own cybersecurity contest, where teams of independent researchers and employees representing well-known IT security firms put their skills to the test against some of the most impregnable devices on the market.
As reported by BleepingComputer, one of the challenges that the participants faced was to hack a Samsung Galaxy S22 and bypass Knox completely. These high-end Korean phones have come out very well in our analysis and, in general, Knox's capabilities have always been praised. And yet it has been achieved.
This is how the Samsung Galaxy S22 has been hacked
The rules of the contest were very clear: the participants had to try to “bust” the security of a Samsung Galaxy S22 updated to Android 13 and with all security updates installed. In total, the device was hacked four times during the four days of the event, as reported. The fastest attempt of all was achieved on the fourth day.
The last to achieve this was a team of researchers representing the firm Pentest Limited. In just 55 seconds, they managed to break through all of the device's security protocols by taking advantage of a zero-day bug and demonstrating how it works.
And what is a zero-day bug or vulnerability? Without going into excessive detail, it is a security flaw that has just been discovered and hasn't been patched yet. These bugs are dangerous because, until they are corrected, attackers have a free hand to take advantage of them.
For this achievement, the Pentest Limited team won a prize of $25,000, a not insignificant sum. Taking into account that the security of routers, NAS devices, smart speakers and other devices was also broken during the event, almost a million dollars in prizes has been distributed among all participants.