• Home
  • About 404TS
  • Contact

404 Tech Support

Where IT Help is Found

  • Articles
    • Code
    • Entertainment
    • Going Green
    • Hardware, Gadgets, and Products
    • Management
    • Network
    • News
    • Operating Systems
    • Security and Privacy
    • Software
    • System Administration
    • Talking Points
    • Tech Solutions
    • Web
    • Webmaster
  • Reviews
  • Media
    • Infographics
    • Videos
  • Tech Events
  • Tools
    • How do I find my IP address?
    • Browser and plugin tests
  • Get a Technical Consultation
You are here: Home / Articles / Hardware, Gadgets, and Products / Mobile Pwn2Own 2012 shows Galaxy S III and iPhone 4S hack

Mobile Pwn2Own 2012 shows Galaxy S III and iPhone 4S hack

2012-09-19 by Jason

At the EUSecWest 2012 conference, a Mobile Pwn2Own is taking place to test vectors on smartphones mobile web browsers, operating systems, NFC, SMS, and cellular baseband. Prizes are offered to the security researchers able to compromise the device. They will be rewarded with a cash prize and the device itself.

A successful attack against these devices must require little or no user interaction and must compromise or exfiltrate useful data from the phone. Any attack that can incur cost upon the owner of the device (such as silently calling long-distance numbers, eavesdropping on conversations, and so forth) is within scope.

The rules for Mobile Pwn2Own 2012 are detailed at the Tipping Point site.

Vector : Prize

Mobile Web Browser: $30,000 USD
Mobile Operating System: $30,000 USD
NFC: $40,000 USD
SMS: $40,000 USD
Cellular Baseband: $100,000 USD

Devices

Nokia Lumia 900 (Windows Phone 7.5 OS version: 7.10.8779.8)

HTC Titan II (Windows Phone 7.5 OS version: 7.10.8112.7)

Samsung Galaxy Nexus (GT-I9250 Android version: 4.1.1)

Samsung Galaxy SIII (SGH-T999 )Android version: 4.0.4

Sony Xperia P (Android version: 4.0.4 Build number: 6.1.B.0.544)

BlackBerry Bold 9900 (7.1 Bundle 998 )

Apple iPhone 4S (Version 5.1.1 (9B206) Carrier AT&T 12.0)

(Image courtesy of ZDI Twitter)

So far, the iPhone 4S and Galaxy S 3 have been compromised according to tweets from the Zero Day Initiative.

MWR Labs detailed their exploit of the Galaxy S III running Android 4.0.4 in a posting at their website.

MWR showed an exploit against a previously undiscovered vulnerability on a Samsung Galaxy S3 phone running Android 4.0.4. Through NFC it was possible to upload a malicious file to the device, which allowed us to gain code execution on the device and subsequently get full control over the device using a second vulnerability for privilege escalation.

More demos and exploits are promised at the conference tomorrow, so watch for this article to be updated with further results.

Update: I guess that was it. No new pwnings surfaced on the second day of Mobile Pwn2Own 2012.

Filed Under: Hardware, Gadgets, and Products, Security and Privacy

Trending

  • USB devices with built-in security
    In Hardware, Gadgets, and Products
  • ThreatFire – Proactive Antivirus and Spyware Protection
    In Security and Privacy, Software
  • Dual Monitor vs Ultra-Wide Monitor: Which is Better?
    In Hardware, Gadgets, and Products

Latest Media Posts

Find Out Where To Download SNES ROMs

Find Out Where To Download SNES ROMs

Multifunctional Video Conversion Tools – Wondershare Video Converter

Multifunctional Video Conversion Tools – Wondershare Video Converter

  • Popular
  • Latest
  • Today Week Month All
  • Access to the resource [servershare] has been disallowed Access to the resource [servershare] has been disallowed
  • What is the AllJoyn Router Service on Windows 10? What is the AllJoyn Router Service on Windows 10?
  • Read the Event Logs on Windows Server Core Read the Event Logs on Windows Server Core
  • How a DirecTV bill really works in 2015 How a DirecTV bill really works in 2015
  • SOLVED: “This modification is not allowed because the selection is locked.” SOLVED: "This modification is not allowed because the selection is locked."
  • How Virtual Reality Supports Mental Health Therapy How Virtual Reality Supports Mental Health Therapy
  • Key Strategies of Successful Coin Listing on Exchange Key Strategies of Successful Coin Listing on Exchange
  • Keeping Your Mac Healthy: A Comprehensive Guide to Maintenance and Troubleshooting Keeping Your Mac Healthy: A Comprehensive Guide to Maintenance and Troubleshooting
  • Making Distributed Software Development Work: Strategies and Best Practices for Managing Remote Teams Making Distributed Software Development Work: Strategies and Best Practices for Managing Remote Teams
  • customer contactless payment for drink with mobile phon at cafe counter bar,seller coffee shop accept payment by mobile.new normal lifestyle concept The Latest Innovations In Payment Technology
Ajax spinner

Elevator Pitch

404 Tech Support documents solutions to IT problems, shares worthwhile software and websites, and reviews hardware, consumer electronics, and technology-related books.

Subscribe to 404TS articles by email.

Recent Posts

  • How Virtual Reality Supports Mental Health Therapy
  • Key Strategies of Successful Coin Listing on Exchange
  • Keeping Your Mac Healthy: A Comprehensive Guide to Maintenance and Troubleshooting

Search

FTC Disclaimer

404TechSupport is an Amazon.com affiliate; when you click on an Amazon link from 404TS, the site gets a cut of the proceeds from whatever you buy. This site also uses Skimlinks for smart monetization of other affiliate links.
Use of this site requires displaying and viewing ads as they are presented.

Copyright © 2025 · Magazine Pro Theme on Genesis Framework · WordPress · Log in