Google’s new flagship just got hacked by a Chinese team at in under 60 seconds.
At PwnFest, a hacking competition in Seoul, South Korea, a team of white-hat hackers known as Qihoo 360 demonstrated an exploit that allowed for remote code execution on the Pixel. In under 60 seconds, the team used a zero-day vulnerability to remotely install code on Google’s sought after device.
The exploit launched Google Play Store and then Google’s mobile version of Chrome before displaying a messaged that read “Pwned by 360 Alpha Team.”
Qihoo 360 won a cash prize of $120,000 for the hack and sent Google to the drawing board in trying to figure out how to patch it.
All told, the team walked away with $520,000 in cash prizes after demonstrating additional vulnerabilities in Microsoft Edge on Windows 10, and a decade-old exploit that inexplicably still works on Adobe Flash.
Not a bad day’s work.
Google Pixel pwned in 60 seconds on The Register