Held in the central Chinese city of Chengdu, in central China, the third edition of the Tianfu Cup was held over the weekend with fifteen teams of hackers who broke into the aforementioned programs using new exploits. The biggest winner at the event was the team from Chinese cyber-security giant, Qihoo 360, which pocketed $744,500 out of the total prize pool of $1.21 million. AntFinancial Lightyear Security Lab and security researcher, Pang, rounded out the top three.
— TianfuCup (@TianfuCup) November 8, 2020 According to ZDnet, competing teams were given three attempts of five minutes each to hack into a selected target using an original exploit. “For each successful attack, researchers received monetary rewards that varied depending on the target they chose and the vulnerability type”, said the report. All successful exploits are reported to the software vendors so that they can patch up the vulnerabilities through future updates. Users of the affected software can expect the patches to start rolling out in the coming weeks. The following is the list of software that were successfully hacked during this year’s competition:
iOS 14 running on an iPhone 11 Pro Android on Samsung Galaxy S20 Windows 10 v2004 (April 2020 edition) Ubuntu Chrome Safari Firefox Adobe PDF Reader Docker (Community Edition) VMWare EXSi (hypervisor) QEMU (emulator & virtualizer) TP-Link and ASUS router firmware
Featured Image Courtesy: Tianfu Cup