(Image Courtesy: Samsung)
Contestants taking part in the Pwn2Own competition — a hacking contest — have outdone the security on Samsung’s Galaxy S22 in under a minute.
The Pwn2Own is held annually and invites security researchers from around the globe to participate for cash prizes.
As Bleeping Computer reports, Samsung’s current flagship Android smartphone was hacked three times in the first two days of the competition.
On the third day, security researchers representing Pentest Limited used an Improper Input Validation attack to execute a complete hack in just 55 seconds. They walked away with a pot of $25,000, which is 50 percent of the original cash award.
In all four cases, the Samsung Galaxy S22 was running the latest Android OS version with all available security updates installed, in accordance with the contest rules.
During the first day of the competition, the STAR labs team managed to exploit a zero-day vulnerability to hack the Galaxy S22. Zero-day exploits are security issues that are not known to the manufacturer and have no fixes available yet. The STAR labs teams walked away with $50,000 for their discovery.
Another researcher named Chim successfully demoed a second zero-day exploit, winning $25,000. Overall, the phone was hacked four times, with new discoveries of security bugs that were not known before.
The goal of competitions like Pwn2Own is to not only give security researchers a chance to show off their skills but also benefit the manufacturers of the devices, who learn of new exploits so that they can patch them.