Hacking iPhone 6S

Hacking Google's Nexus 6P

The Tencent Keen Security Lab Team from China has won a total prize money ofin the 2016 Mobile Pwn2Own contest run by Trend Micro's Zero Day Initiative (ZDI) in Tokyo, Japan.Despite the implementation of high-security measures in current devices, the famous Chinese hackers crew has successfully hacked both Apple's iPhone 6S as well as Google's Nexus 6P phones.For hacking Apple's iPhone 6S, Keen Lab exploited two iOS vulnerabilities – a use-after-free bug in the renderer and a memory corruption flaw in the sandbox – and stole pictures from the device, for which the team was awardedThe iPhone 6S exploit successfully worked despite the iOS 10 update rolled out by Apple this week.Earlier this week, Marco Grassi from Keen Lab was credited by Apple for finding a serious remote code execution flaw in iOS that could compromise a victim's phone by just viewing "a maliciously crafted JPEG" image.However, a tweet from Keen Team indicated it was able to make the attack successfully work on iOS 10.1 as well.The Keen Lab also managed to install a malicious app on the iPhone 6S, but the app did not survive a reboot due to a default configuration setting, which prevented persistence. Still, the ZDI awarded the hackersfor the vulnerabilities they used in the hack.For hacking the Nexus 6P, the Keen Lab Team used a combination of two vulnerabilities and other weaknesses in Android and managed to install a rogue application on the Google Nexus 6P phone without user interaction.The ZDI awarded them a whoppingfor the Nexus 6P hack.So, of the total potential payout of $375,000 from the Trend Micro's Zero Day Initiative, the Keen Lab Team researchers took home $215,000.