IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

iPhone 4 and Blackberry Torch hacked at Pwn2Own

Researchers highlight the fallibility of the two hugely popular phones in the Pwn2Own contest.

iPhone 4

Apple's iPhone 4 and the BlackBerry Torch 9800 were successfully hacked at the Pwn2Own contest.

This week has already seen researchers rewarded for their hacks on the Safari and Internet Explorer browsers, but yesterday, it was the turn of smartphones.

Well-known researcher Charlie Miller managed to take down the iPhone 4, whilst a team consisting of Willem Pinckaers, Vincenzo Iozzo and Ralf-Philipp Weinmann hacked the BlackBerry device.

For each hack, the winners received $15,000 (9,345).

Miller used an exploit to run arbitrary code on the iPhone after visiting a specific website on the hugely popular Apple device. The flaw has now been patched with the iOS 4.3 release, which was issued this week, ahead.

It is the fourth year in a row Miller had won a contest at Pwn2Own.

The BlackBerry hackers had to get around a range of issues, largely because no debugger was available for the BlackBerry's current browser, Kaspersky Labs' Threatpost reported. Indeed, the team had little documentation to go on whatsoever.

"It was all trial and error. We didn't have a debugger, so it crashes or it doesn't crash or it takes a long time to respond. Those are the three options," Pinckaers said.

"We had to figure out the memory map from small little pieces."

More mobile threats

Pwn2Own has highlighted the kinds of vulnerabilities hackers are seeking to exploit at a time when mobile security has come under increasing scrutiny.

A number of researchers have now picked up on a malicious version of a Google mobile security tool.

The genuine tool, designed to remove applications infected with the Droid Dream malware, was only released in the last week.

The Trojanised version does not appear on the official Android Market, but can be found on third-party app stores.

Symantec found the apps could be used to change access point name settings on devices, although the developers did not create a flawless piece of malicious kit.

"Our overall analysis of this threat has shown it to be a potentially worrying threat," Symantec researcher Mario Ballano said in a blog post.

"However, the threat's perpetrators have failed to fully implement all of the functionality within the infected applications, thereby lessening its potential impact as a threat."

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Recommended

Apple cuts ties with Jony Ive after 30 years
Hardware

Apple cuts ties with Jony Ive after 30 years

13 Jul 2022
Best business smartphones 2022: The top handsets from Apple, Samsung, Google and more
Mobile

Best business smartphones 2022: The top handsets from Apple, Samsung, Google and more

23 Jun 2022
Apple faces a catch-22 decision with iPhones and USB-C
Policy & legislation

Apple faces a catch-22 decision with iPhones and USB-C

8 Jun 2022
Apple overhauls SwiftUI navigation and brings a score of new features to developers at WWDC 2022
software development

Apple overhauls SwiftUI navigation and brings a score of new features to developers at WWDC 2022

7 Jun 2022

Most Popular

Cyber attack on software supplier causes "major outage" across the NHS
cyber attacks

Cyber attack on software supplier causes "major outage" across the NHS

8 Aug 2022
Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022