The Google Pixel fell victim to the efforts of competitive Chinese hackers at Seoul’s PwnFest competition. White-hat hackers from Qihoo 360 used an undisclosed vulnerability in Chrome to gain remote code execution privileges and win a $120,000 cash prize. This is the second time the Google Pixel was hacked in two weeks. The first exploit was discovered by Keen Team at a previous event in Japan.
Thankfully, Google has already patched the latest exploit and the changes have already been implemented into the browser’s stable version. However, the initial zero-day exploit remains unpatched. It allows hackers to compromise all aspects of the smartphone, including access to contacts, photos, messages, and phone calls.
It is better to crack smartphones at white-hacking events like this than to have exploits reported to Google from out in the wild. This way, the company is in the know from the get-go and is able to implement fixes swiftly. The hackers essentially trade their work for a cash prize, which sounds fair.