Hackers managed to expose several vulnerabilities in Android and iOS during the recently held Pwn2Own 2013 contest. The contest paid out $117,500 in cash to several hackers who found serious security flaws within Android and iOS. The largest of the three cash prizes was $50,000, paid to "Pinkie Pie," a hacker who is yet to celebrate his 21st birthday. This same hacker has already collected two major bounties in the past 19 months. His previous hack includes exploiting a vulnerability found in the Google Chrome browser, which gives him complete control over the computer.
"Congratulations to PinkiePie (aka PwniePie) for a beautiful piece of work to close out the Pwnium competition!" an advisory accompanying the update for Windows, Mac, and Linux versions of Chrome stated. Referring to an exploit unleashed on Wednesday, it continued: "We also believe that both submissions are works of art and deserve wider sharing and recognition."
It's quite interesting because PinkiePie doesn't have a team unlike several of the other hackers who attended Pwnium. It truly shows the skill this hacker posseses, and it wouldn't come as a surprise if he gets an offer from Google, Apple, or several big corporations in the technology field.
At the recent hackathon that took place last week, Pinkie Pie manage to pull off a similar hack against Chrome to control both a Nexus 4 and a Samsung Galaxy S4. This isn't an easy task because modern browsers like Chrome is endowed with security mitigations designed to minimize the damage whenever hackers come across software bugs and buffer overflows.
"The exploit took advantage of two vulnerabilities-an integer overflow that affects Chrome and another Chrome vulnerability that resulted in a full sandbox escape," HP's senior security content developer, Heather Goudey said about the Pinkie Pie hack. "The implications for this vulnerability are the possibility of remote code execution on the affected device."
Separately, a hacking team in Japan secured $40,000 for two exploits in Android, and a group from China walked away with $27,000 for hacking the iPhone via Safari.