Child finds flaws in mobile games Published duration 8 August 2011

image caption The hacker conference now has a series of sessions aimed at a new generation of tinkerers

A novel class of security problems have been found lurking in many mobile games by a ten-year old hacker.

Going by the handle CyFi, the hacker presented her findings at the DefCon hacker conference held in Las Vegas.

She found that advancing the clock on a tablet or phone can, in many games, open a loophole that can be exploited.

CyFi discovered the bug after getting bored with the pace of farming games and seeking ways to speed them up.

Find and fix

While many games detect and block clock-based cheating, CyFi found ways round these security measures. Disconnecting a phone from wi-fi and only advancing a clock by small amounts helped to open up the loophole as it forced the game into a state not tested by its original creators.

Details about what this bug opens up have not been revealed but such flaws are often used to let an attacker run their own code and get access to useful or saleable data.

CyFi's discovery has since been verified by independent security researchers.

The exploit has been found to work in versions of games for both Apple and Android gadgets. Exactly which games are vulnerable has not been revealed to give their creators time to fix them.

CyFi gave a presentation about her findings at DefCon Kids , the first meeting at the larger DefCon Con hacker conference, aimed at younger people who are interested in tinkering with hardware and software.