You are currently viewing TIANFU CUP: Chrome, Office 365, Microsoft Edge Compromised

TIANFU CUP: Chrome, Office 365, Microsoft Edge Compromised

  • Post author:
  • Post category:Uncategorized
  • Post comments:0 Comments
Tianfu Cup International PWN Contest holds with the target of creating China’s own “Pwn2Own” contest. Pwn2Own is a computer hacking contest held yearly at the CanSecWest security conference, in Canada beginning in 2007.
The original event comes up twice a year, but this event took place in November 2019. Contestants exploited widely-used software and mobile devices with previously unknown vulnerabilities.
All teams used original vulnerabilities to hack the given subject.
The total bonus of the contest reached up to 1 million US dollars in an attempt to deliver a feast of cybersecurity technologies.
Tianfu Cup 2019
The hackers first compromised Google Chrome, Microsoft Edge, and Apple’s Safari.
The event concluded on Sunday with team 360Vulcan emerged as winners. The team 360Vulcan did exploit Microsoft Edge among other distinct targets.

Chrome, Office 365, Microsoft Edge Compromised

Team 360 Vulcan won a total bounty of $382,500 for hacking Adobe PDF ReaderMicrosoft EdgeOffice 365, VMWare Workstation, and qemu+Ubuntu.
There were a total of three successful exploits targeting Edge browser that emerged at the Tianfu Cup event.
The security loopholes were found on the EdgetHTML-based Edge browser — not the Chromium-powered version. Moreover, the hackers participating in the event were able to earn a total of $120,000 (roughly Rs. 86,21,600) from the Edge exploits.
A couple of security researcher teams participating in Tianfu Cup were able to hack Chrome. The researchers earned a total of $40,000.
As for Safari, a team named SlackLeader was able to find an exploit in the Apple browser and earned $30,000.
Generally, Software vendors attend security events to get the first-hand reports about loopholes in their products.
However, Most Companies, majorly skipped Tianfu Cup this year.
ZDNet reports that some members from the Chrome security team did attend the event.
Apple and Microsoft so far are silent on the hacks that took place at the event.
Asides the browser-powered exploits, researchers at Tianfu Cup showcased one hack of Office 365 and one of qemu-kvm + Ubuntu.
There were also a couple of exploits reported in Adobe PDF Reader.

Leave a Reply