There was a hacking contest in which hackers were paid out
up to $117,500, equivalent to Ksh 10,575,000. The contestants were to exploit
handheld devices including Samsung Galaxy S4 and Nexus 4. Pinkie Pie, an under
21 hacker was crowned winner after using drive-by attacks to take over Nexus 4
and Samsung Galaxy S4, both with are android based devices.
Pinkie Pie’s hacks drew applause from the audience. Pinkie
used a malicious site to compromise the security of the devices and then went
ahead to execute a code on the android devices. A senior security content
developer at HP, Heather Goudey said that they had witnessed a successful
exploit on the two devices within minutes; they were ready to pay out $50,000 (Ksh450,000)
for the breach. Pinkie compromised chrome on both Nexus 4 and Samsung Galaxy S4
just for a good measure.
Pinkie’s exploit took advantage of two vulnerabilities. The
first one is an integer overflow that affects chrome and the second is a chrome
vulnerability that resulted in a full sandbox escape. The implications for this
vulnerability are the possibility of remote code execution on the affected
device.
A report by ESET indicates that cybercriminals are
increasingly targeting android devices with malware detections rising in the
West and China. It’s therefore important that you add a layer of security by
availing ESET Mobile Security for your device. Additionally, get acquainted tothe nitty-gritty of making your device more secure using the built-in tools.
