
Presenting Mobile Pwn2Own 2016

  • Posted on:September 6, 2016
  • Posted in:Mobile Security, Network, Security, Zero Day Initiative
  • Posted by:
    Brian Gorenc

After taking a year off to do some paperwork, the Zero Day Initiative (ZDI) invites you to join us for the fifth annual Mobile Pwn2Own competition, to be held this year on October 26 and 27 at the PacSec Security Conference in Tokyo, Japan. We’re looking forward to rewarding the world’s top security researchers for demonstrating and disclosing their attacks on the latest and most popular mobile devices. As we did earlier this year, we’ll crown an overall Master of Pwn.

This year, we’re upping the prize pool to over $500,000 USD, adding bonuses for quality exploits, and introducing new devices in order to attract the best and brightest researchers and enhance security for the most popular mobile platforms. 

If you aren’t familiar with it, Mobile Pwn2Own is ZDI’s annual contest that rewards security researchers for demonstrating vulnerabilities on various mobile platforms. You have probably heard of our contest for other platforms, Pwn2Own, which was held in March this year at CanSecWest. With the near-ubiquity of mobile devices, vulnerabilities on these platforms are becoming increasingly coveted and are actively sought after by those looking to break into mobile devices. This contest helps to harden these devices and their operating systems by finding vulnerabilities first and sharing that research with the vendors. The goal is to get these bugs fixed before they’re actively exploited.

The Targets 

This year’s contest brings three of the most popular smartphone platforms available:

  • The Apple iPhone 6s
  • The Google Nexus 6P
  • The Samsung Galaxy S7

All of these phones will be running the latest version of their respective operating systems with all available patches installed. There are rumors of new versions of these phones being introduced between now and the contest. Should a new phone become available in time to be integrated into the contest, we’ll work to add it as an available platform.

The Categories

With this year’s contest, we decided to focus on three specific areas:

1. Obtaining sensitive information outside of the sandbox.

Imagine browsing to a website from your phone only to have all of your contacts stolen. Imagine viewing a text message that leaks your private photos. Valuable data exists on your phone, and we’re interested in methods attackers can use to gain access to that data.

2. Installing a rogue application.

Imagine opening your phone one day to find an app you didn’t install. One method of taking over a phone is to put your malicious app on it, and we’re interested in seeing how this can be done without user interaction.

3. Forcing the phone to unlock.

Our largest award goes to the most difficult attack – forcing a locked iPhone to unlock. In other words, if someone stole or seized your locked iPhone, could they access the data without your permission? This type of attack has been discussed in many high-profile cases recently, and we look forward to seeing someone attempt it.

Here are the monetary awards for each category and the associated points earned towards the Master of Pwn (more on that in a bit):

Category                         Phone            Prize (USD)   “Master of Pwn” Points
Obtaining Sensitive Information  Apple iPhone     $50,000       10
Obtaining Sensitive Information  Google Nexus     $50,000       10
Obtaining Sensitive Information  Samsung Galaxy   $35,000        7
Install Rogue Application        Apple iPhone     $125,000      23
Install Rogue Application        Google Nexus     $100,000      20
Install Rogue Application        Samsung Galaxy   $60,000       15
Force Phone Unlock               Apple iPhone     $250,000      42

The first contestant to successfully compromise a target within each selected category will win the prizes for the category. To compromise a target during the contest, a contestant has three attempts during a 20-minute time slot in which to complete the exploit. Each of these attempts will be limited to a time period of 5 minutes. An attempt must be launched from the target under test by either browsing to the malicious content in the default browser or by viewing or receiving a malicious MMS/SMS message. The full rules can be found here.

The Master of Pwn – now with Style Points!

We introduced the Master of Pwn title at this year’s Pwn2Own, and we’re extending it to Mobile Pwn2Own as well. Rather than have people speculate on a “biggest winner,” we formalized the process (and made a smoking jacket for it!). Points are awarded for each successful exploit, and the contestant with the highest total points at the end of the contest will receive 65,000 ZDI reward points (estimated at $25,000). For Mobile Pwn2Own, we’re adding style points for the more resilient and mature exploits. Here’s how it breaks down:

Style Bonus     Criteria                                                                      Prize (USD)   “Master of Pwn” Points
Sniper Bonus    Successful on the first attempt                                               $0            +2
Strength Bonus  Successful three times in a row                                               $0            +3
Stealth Bonus   Exploit chain demonstrates full process continuation on the first attempt     $2,500        +4
Supreme Bonus   Executing code with kernel privileges                                         $10,000       +5

For example, if a contestant has two successful entries (Obtaining Sensitive Information on the Apple iPhone with the Sniper Bonus, for 10 + 2 = 12 points, and Install Rogue Application on the Samsung Galaxy S7 with the Sniper and Strength Bonuses, for 15 + 2 + 3 = 20 points), their total would be 32 points.

The Complete Details

The full set of rules for Mobile Pwn2Own 2016 is available here. They may be changed at any time without notice. We encourage entrants to read the rules thoroughly and completely should they choose to participate.

Registration is required to ensure we have sufficient resources on hand at the event. Please contact ZDI at zdi@trendmicro.com to begin the registration process. (Email only, please; queries via Twitter, blog post, or other means will not be acknowledged or answered.) If we receive more than one registration for any category, we’ll hold a random drawing to determine contestant order. Registration closes at 5:00 p.m. Pacific Time on October 24, 2016.

The Results 

During the contest, Trend Micro’s Simply Security blog will be updated periodically with posts and photos covering the results of the competition. Follow us on Twitter at @thezdi and @trendmicro, and keep an eye on the #MP2O hashtag for continuing coverage.

We look forward to seeing everyone in Tokyo, and to seeing what exploits they bring with them. Dewa mata suguni ne (see you again soon).

Press

Please direct all Mobile Pwn2Own or ZDI-related media inquiries to zdi@trendmicro.com; and for Trend Micro specific questions, please contact Jerrod Resweber at publicrelations@trendmicro.com.
