Logically speaking, the latest handsets and operating system versions should be the most secure ones around, right? Well, tell that to a group of white hat hackers from Chinese security firm Qihoo and your claims would be met with a smirk. And why not? These are the same people who at the recent PwnFest conference in South Korea managed to hack into the Pixel in less than a minute.
According to reports, the hackers used an undisclosed zero-day vulnerability within Android Nougat and gained remote access to the Pixel smartphone. The vulnerability was then used to install a malicious code which in turn was used to open Chrome Chrome. The code also changed the default home page of the browser to display the message: “Pwned by 360 Alpha Team” when it was opened. While this might sound trivial, here is what should bother you more.
In the process of executing the hack by gaining remote access to the Pixel, the hackers were also able to siphon off large amount of personal data from the device. This included all user data – phone contacts, messages, emails, photos, videos and even card details. For their efforts, the Qihoo team was awarded a $120,000 bounty (roughly ₹81 lakhs) in cash.
Apart from the Android hack, the team from Qihoo was also able to crack Adobe Flash in less than four seconds. This attempt earned them another $120,000! Other vulnerabilities were also exposed by the team – which included products from Microsoft (EDGE Browser and Windows 10). In all, the team managed to rake in more than $520,000 as prize money.
Are you still feeling safe with that latest Android device with you?