- Get link
- Other Apps
This weekend the third edition of the TianfuCup, a competition in which hacker teams have managed to successfully attack well-known tools or operating systems such as Windows 10, Firefox, Chrome or iOS 14.
It took place in Chengdu, the capital of Sichuan province in southwest China. Total fifteen teams participated, made up of hackers from the country, who had three attempts (of five minutes each) to hack the selected target and using an original exploit.
TFC 2020 has come to the end, all these excellent offensive researchers and their burning 0days makes #TFC 2020 a success! Thank you all for participating and following!🥳🥳🥳 pic.twitter.com/MwJLc5M0B4
All exploits are reported to those responsible for the software
The winning team of the event was 'Qihoo 360', who managed to pocket $ 744,500 of the total of 1.21 million dollars that were offered in this hackathon. The second position was occupied by 'AntFinancial Lightyear Security Lab' and 'Pang' the third position.
As a curious fact, Qihoo 360 repeats podium, since in the last edition of the TianfuCup it also managed to rise as the winning team.
At TianfuCup 2020 they successfully hacked the following software list:
- Chrome
- Safari
- Firefox
- iOS 14 running on an iPhone 11 Pro
- Android running on a Samsung Galaxy S20
- Windows 10 v2004
- Adobe PDF Reader
- TP-Link and ASUS router firmware
- VMWare EXSi
- Adobe PDF Reader
As they explain in ZDnet, "for each successful attack, the researchers received monetary rewards that varied according to the target they had chosen and the type of vulnerability".
For example, in the case of iOS 14 / iPhone 11 Pro, we can see that $ 180,000 was offered to the team that managed to hack this target (which, in this case, was taken by @CodeColorist):
Confirmed! $180,000 awarded! It's the highest bonus on a single target of #TFC 2020. 👏 @CodeColorist https://t.co/56c4eEm895
An interesting fact is that each of successful exploits were reported to those responsible for the hacked software, so that they can patch these vulnerabilities in future updates.