The Hacker News Logo
Subscribe to Newsletter

Hacker 'Pinkie Pie' successfully compromised Chrome on Nexus 4 and Samsung Galaxy S4

A Mysterious Hacker who goes by the "Pinkie Pie" handle is rewarded with $50,000 USD for hacking into the Google Chrome browser for Nexus 4 and Samsung Galaxy S4.
At Information Security Conference PacSec 2013 in Tokyo, during the HP's Pwn2Own contest, a zero-day exploit showcased by "Pinkie Pie", that took advantage of two vulnerabilities:
  • An integer overflow that affects Chrome.
  • Chrome vulnerability that resulted in a full sandbox escape.
For successful exploitation, you have to get your victim to visit a malicious website e.g. clicking a link in an email, or an SMS or on another web page. He demonstrated this zero-day attack with remote code execution vulnerability on the affected devices.

It is not known whether other Android phones are also vulnerable to same flaw or not. Vulnerability has been disclosed to Google by the Contest organizers and the company is working to address the issue as soon as possible.

Researchers from Japan has also found a second exploit for the Samsung Galaxy S4, for which they are rewarded with $40,000 yesterday.

Stay tuned to +The Hacker News 's Facebook Page and Twitter Account for more updates!
SHARE
Comments
Latest Stories
Top Deals

Always First — Subscribe

Over 500,000 Information Security professional read and trust our news platform. Join them and get all latest hacking news, free eBooks delivered to your inbox - free!