Qihoo’s 360Vulcan team, along with their 360 Mobile Safe Team, managed to hack Google Chrome within 11 minutes to achieve system level privileges at the hack event Pwn2Own 2016.
Pwn2Own is a world-known security contest that is held at the CanSecWest security conference in Canda. During this event, security researchers worldwide gather and attempt to exploit vulnerabilities that are not known in software and mobile devices.
The 360 Vulcan team managed to hack Adobe Flash Player (nothing new here), which allowed the team to gain system level privileges on a Windows 10 install. The team was awarded $80,000 and obtained a solid 13 points.
The team also managed to find an exploit in Google Chrome. Chrome is considered the most secure browser and is the most difficult challenge in the Pwn2Own contest. The team managed to make use of four different zero-day vulnerabilities and the team was awarded $52,500.
The point of this event is to try and crack software and then to send notice of these issues to their respective companies in an attempt to make the web more secure for everyone. Malware is everywhere and there are plenty of hackers in the world but it its a nice change of pace to see a team stand there graciously accepting an award for making the tech world a little safer.