News

The organizers of the Pwn2Own hacker contest Will Offer Participants to Hack Remote Employees

Representatives of the Trend Micro Zero Day Initiative (ZDI) announced the main goals and prizes for the upcoming Pwn2Own hacker contest, which will be held in December.

A new competitive category has also been introduced, in which researchers will hack into an environment that mimics a typical home office.

Let me remind you that we talked about the fact that Pwn2Own members made the printer to play AC / DC, and also that Pwn2Own 2021 ended: Windows 10, Ubuntu, Safari, Chrome and Zoom were hacked.

The next Pwn2Own will take place December 6-8, 2022 in Canada. This time, the event will not be held at the same time as the conference, so ZDI has decided to reimburse attendees $3,000 in travel expenses to encourage as many experts as possible to attend Pwn2Own in person. However, as in previous years, bug hunters will be able to compete remotely, and ZDI employees in Toronto will run exploits for them.

This year’s competition will have a total prize pool of more than one million dollars, plus participants will receive additional prizes for exploits that target mobile phones, wireless routers, smart home hubs, smart speakers, printers, and NAS devices.

It was also revealed that a new category called “The SOHO Smashup” will appear on Pwn2Own this year, where members can earn up to $100,000. In this category, researchers will be asked to hack into an environment that mimics a typical home office. In essence, the goal is to hack the router through the WAN interface and then go to the local network, where you will need to compromise any other device of your choice (for example, a printer, NAS, and so on).

At the first stage, participants will be able to try their hand at hacking TP-Link, Netgear, Synology, Cisco, MikroTik or Ubiquity routers. At the second stage, they will be able to choose a target from a long list of devices, including Meta, Amazon, Google, Sonos, Apple, HP, Lexmark, Canon, Synology and WD IoT products.

Although this version of Pwn2Own is no longer called Pwn2Own Mobile, mobile phones are still the most attractive target for members from a financial standpoint. So, researchers can earn up to $250,000 if they demonstrate a successful hack of Apple’s iPhone 13 or Google’s Pixel 6. Samsung Galaxy S22 hack could net members another $50,000.

Also, a cash prize of up to $60,000 is offered for exploits for smart speakers and smart home hubs. Targets in this category are Sonos One, Apple HomePod Mini, Amazon Echo Studio, Meta Portal Go, Amazon Echo Show 15, and Google Nest Hub Max.

In addition, members will be able to receive up to $40,000 for Synology and WD NAS exploits, as well as $5,000 to $30,000 for router vulnerabilities. Printer exploits will cost up to $20,000.
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)
Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Recent Posts

Remove Kurlibat.xyz pop-up ads (Virus Removal Guide)

Kurlibat.xyz is a site that tries to trick you into clik to its browser notifications…

2 hours ago

Remove Initiateintenselyrenewedthe-file.top pop-up ads (Virus Removal Guide)

Initiateintenselyrenewedthe-file.top is a domain that tries to trick you into clik to its browser notifications…

2 hours ago

Remove Wotigorn.xyz pop-up ads (Virus Removal Guide)

Wotigorn.xyz is a site that tries to force you into subscribing to its browser notifications…

2 hours ago

Remove Initiateintenselyprogressivethe-file.top pop-up ads (Virus Removal Guide)

Initiateintenselyprogressivethe-file.top is a domain that tries to force you into clik to its browser notifications…

2 hours ago

Remove Nuesobatoxylors.co.in pop-up ads (Virus Removal Guide)

Nuesobatoxylors.co.in is a domain that tries to trick you into subscribing to its browser notifications…

6 hours ago

Remove Helistym.xyz pop-up ads (Virus Removal Guide)

Helistym.xyz is a site that tries to force you into clik to its browser notifications…

6 hours ago