Pwn2Own 2015 took place last week in Vancouver during CanSecWest. Like every year, several hackers went after most of the web browsers on the market, and the verdict was quick to fall: none of them was spared. Quite the contrary, they were all brought to their knees, but the operation still earned a nice check to a security expert.
His name is Jung Hoon Lee, he is based in South Korea, he operates under the pseudonym “lokihardt” and he caused a sensation during the competition since it only took him a handful of minutes to complete. Chromium.
To do this, it relied on a method based on the exploitation of two bugs specific to Windows, and an overflow in the browser buffer.
Which earned him $ 25,000 on one side, and $ 85,000 on the other.
225,000 dollars for a Korean expert
And it is not finished because he then attacked Internet Explorer 11, by exploiting a flaw which this time brought him $ 65,000. Then, as he was bored, he had fun knocking out the OS X version of Safari, this time getting his hands on $ 50,000.
By cumulating all of his winnings, we obtain a total of 225,000 dollars. Not bad for a (short) day's work, right?
Yes, he even broke all the records and it is rather logical since he got his hands, alone, on half of the rewards at stake, leaving only crumbs for his competitors.
Note, however, that it was Chrome that fared the best, with only one discovery flaw. Safari comes in second with two flaws, Firefox in third with three flaws, Internet Explorer in fourth with four flaws, and Windows 8.1 at the back of the pack with five flaws.
I don't know what you think but I can't wait to see what the next edition will give. Especially since Spartan should participate in the operation.