Microsoft Edge running on Windows 10 64bit was hacked twice by two different teams at PwnFest which is a bug pwning festival for better security organized by POC.
Hackers Won $140,000 For Hacking Microsoft Edge
Bug bounty programs and some other White hat hacking competitions are the hot trends in the digital world. We have previously seen Hackers winning $215,000 for hacking iPhone 6S and Nexus 6P in Pwn2Own contest.
A similar type of incident happened in PwnFest which is a bug pwning “festival” for better security organized by POC. At this festival, security firms and hackers target different platforms. The winners receive the cash prize and the platform developers get to know about the existing vulnerabilities.
At PwnFest 2016, which was held in Seol, Hackers from Qihoo 360 and South Korean security researcher JungHoon “Lokihardt” shown two different hacks that exploited Edge’s vulnerabilities. The amazing part is out of those two hacks, one was completed in just 18 seconds. According to The Register, Both won $140,000
The internet browser was running on a 64-bit version of Windows 10 Anniversary Edition (Redstone 1). The exploits were based on SYSTEM-level remote code execution in the web Browser.
Qihoo 360 team had worked hard for the past 6 months to develop the attack. However, recently Microsoft’s update patched 3 out of 4 vulnerabilities that are required for the attack. Qihoo 360 team managed to rework their Microsoft Edge browser attack within a span of 30 hours prior to the event.
PwnFest 2016 event also witnessed the world’s first attack on VMware Workstation 12.5.1 from another Qihoo hacker team and Lee they won $150,000 for the hack. You have to wait for some more time if you are willing to know technical details about the hack because the discovered flaws will be provided to the vendors first.
So, if you find this story interesting, drop your views in the comment section below.