The Hacker News Logo
Subscribe to Newsletter

Hacker 'Pinkie Pie' successfully compromised Chrome on Nexus 4 and Samsung Galaxy S4

A Mysterious Hacker who goes by the "Pinkie Pie" handle is rewarded with $50,000 USD for hacking into the Google Chrome browser for Nexus 4 and Samsung Galaxy S4.
At Information Security Conference PacSec 2013 in Tokyo, during the HP's Pwn2Own contest, a zero-day exploit showcased by "Pinkie Pie", that took advantage of two vulnerabilities:
  • An integer overflow that affects Chrome.
  • Chrome vulnerability that resulted in a full sandbox escape.
For successful exploitation, you have to get your victim to visit a malicious website e.g. clicking a link in an email, or an SMS or on another web page. He demonstrated this zero-day attack with remote code execution vulnerability on the affected devices.

It is not known whether other Android phones are also vulnerable to same flaw or not. Vulnerability has been disclosed to Google by the Contest organizers and the company is working to address the issue as soon as possible.

Researchers from Japan has also found a second exploit for the Samsung Galaxy S4, for which they are rewarded with $40,000 yesterday.

Stay tuned to +The Hacker News 's Facebook Page and Twitter Account for more updates!

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.