White hat hackers earn over $1 Million at Pwn2Own Austin 2021

The Zero Day Initiative’s Pwn2Own Austin 2021 hacking contest has ended, and participants earned $1,081,250 for 61 zero-day flaws.

Trend Micro’s Zero Day Initiative’s Pwn2Own Austin 2021 hacking contest has ended, the participants earned a total of $1,081,250 for 61 zero-day exploits. The participants compromised NAS devices, mobile phones, printers, routers, and speakers from Canon, Cisco, HP, NETGEAR, Samsung, Sonos, TP-Link, and Western Digital.

That brings #Pwn2Own Austin to a close. In total, we awarded $1,081,250 for 61 unique 0-days. It’s been an amazing 4 days of pwnage. Thanks again to our partner Western Digital, sponsor Synology, and all the contestants who participated. See in you Miami!

— Zero Day Initiative (@thezdi) November 5, 2021

This edition is the largest Pwn2Own to date, the participants earned $362,500 on the first day of the contest, $415,000 on the second day, $238,750 on the third day, and $60,000 on the last day.

The highest bounties were paid out for zero-day exploits for Sonos One smart speaker, two teams earned $60,000 each for code execution issues.

Congratulation to the Synacktiv team that won the contest and earned $197,000 for their zero-days and 20 Master of Pwn points.

Here are the final Master of Pwn standings. Congrats to @Synacktiv on claiming the title. It was a close race, but they pull through. pic.twitter.com/pf2UmZhCu1

— Zero Day Initiative (@thezdi) November 5, 2021

For the first time in the history of the hacking contest, white hat hackers demonstrated zero-day exploits for printers. The participants demonstrated 11 printer hacks, on the third day a team hacked an HP LaserJet printer to play the AC/DC’s Thunderstruck song.

In this edition participants also hacked the Samsun Galaxy S21, Sam Thomas (@_s_n_t) from team Pentest Limited (@pentestltd) demonstrated a zero-day exploit chain for the latest Android 11 earning $50,000.

There was also one partially successful attempt to hack the Samsung Galaxy S21, Mr L and Nguyễn Hoàng Thạch (@hi_im_d4rkn3ss) of STARLabs Team used an exploit chain that included a bug known by the vendor. They still earn $25,000 and 2.5 Master of Pwn points.

The day-by-day results for the Pwn2Own Austin 2021 are available here.

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, supply chain attack)

The post White hat hackers earn over $1 Million at Pwn2Own Austin 2021 appeared first on Security Affairs.

Recent Posts
Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Not readable? Change text. captcha txt