Google Pixel And Pixel XL Hacked In 60 Seconds At PwnFest 2016 [Video]

This time around Google has introduced a new range of non-Nexus branded phones to the world, the Pixel and the Pixel XL, which have been getting rave reviews from critics and users apart. How far we can adjust ourselves to talk about its high-end specifications, as always, these two Pixel phones gave iPhone a run for their money, and as Google claims that these phones as as secure as iPhones, but a Chinese hackers team has successfully been able to hack the whole Pixel hardware in nevertheless 1 minute.

google-pixel-phone-hacked

All happened at the PwnFest 2016 hacking competition in Seoul. A team behind this exploit called White-Hat hackers from Qihoo 360 has demonstrated the ability of achieving remote code execution to gain control over the Google Pixel smartphones. To secure remote code execution (RCE), the team also demoed a proof-to-concept exploit that uses a zero-day vulnerability. Here’s everything you need to know how Google Pixel hacked in just 60 seconds.

The exploit allows for easy installation of malicious code on Pixel and Pixel XL phones, where the hacker managed to launch the Play Store before opening a web page on Chrome that read “Pwned By 360 Alpha Team,” and won a price money of $120,000.

Well! This isn’t the first time ever Google Pixel smart phone has been hacked. Keen Team of Tecent had discovered a zero-day exploit on Pixel at the Mobile Pwn2Own event in Japan, giving them access to the smartphone’s data. Google has been already informed about the vulnerabilities and a fix for the same is expected as part of security update patch next month.

This way how the hackers (attacker) have managed to exploit the smartphone. The demonstration video below shows you all.

There’s a rogue app running in the background, giving them full list of required permissions. It leaves all your data, including contacts, songs, videos, music and communication channels open for attackers to see wildly.

Then the hackers were able to successfully breach Adobe Flash using a combination of a decade-old vulnerability and once again won cash price of US$ 120,000. Pangu team on the other hand was able to fetch $80,000 for breaking through Safari on macOS Sierra using privilege escalation vulnerability, which almost took 29 seconds to break past the restrictions.

It makes a little difficult to hackers to jailbreak through restrictions, as Apple’s iOS platform is a closed source. However, this isn’t a big case with Android, it’s an open source operating system that sits on top of customization, making it far more vulnerable to hacking.

This year there was another hack that comes across QuadRooter vulnerability that had put about 1 billion Qualcomm-powered Android phones at risk. The security flaw gives attackers an unrestricted access to all the sensitive personal data stored on your smartphones.

Next generous Android vulnerability is related to Google’s full-disk encryption that allows hackers easily jailbreak encrypted smartphones that are better powered by Qualcomm chipsets. The best way to ensure your smartphones remain safe from malware and other attacks, it is recommended to download and install the updates whenever available. If the app asks you for permission, be careful before granting them. For example, the third-party camera app does not need access to your phonebook or SMS text messages.

Alternatively, you can also avoid sideloading of apps using APKs and its related files for many reasons, would be the first.

(Reports: TheRegister)

You might also like to check out: