Security Researchers Use Wi-Fi and Safari Exploits to Breach iPhone 7 at Annual Mobile Pwn2Own Contest

by

Trend Micro's annual Mobile Pwn2Own contest took place in Tokyo, Japan today at the PacSec security conference, and security researchers spent the day attempting to hack into the iPhone 7, the Samsung Galaxy S8, the Google Pixel, and the Huawei Mate 9 Pro in an effort to win prizes totaling more than $500,000.


Apple's iPhone 7, running iOS 11.1, the latest version of the iOS 11 operating system, was successfully breached twice by Tencent Keen Security Lab. The first hack targeted a Wi-Fi bug and won the team $110,000 and 11 Master of Pwn points, while the second hack targeted the Safari Browser and earned Tencent Keen Security Lab $45,000 and 12 Master of Pwn points.

They used a total of four bugs to gain code execution and escalate privileges to allow their rogue application to persist through a reboot. They earned $60,000 for the WiFi exploit and added $50,000 for the persistence bonus - a total of $110,000 and 11 Master of Pwn points.

Tencent Keen Security Lab was on the clock once more as they targeted the Safari Browser on the Apple iPhone 7. It took them just a few seconds to successfully demonstrate their exploit, which needed only two bugs - one in the browser and one in a system service to allow their rogue app to persist through a reboot. As the second finisher in the Browser category, they earned half of the cash award at $45,000, but still earned the full 13 Master of Pwn points.

Security researcher Richard Zhu was also able to leverage two bugs to exploit the Safari browser and escape the sandbox to successfully run code on the iPhone 7, earning him $25,000 and 10 Master of Pwn points.

Along with the iPhone 7, researchers were able to find exploits for the Samsung Galaxy S8 and the Huawei Mate 9 Pro, earning a total of $350,000.

Trend Micro hosts Pwn2Own in an effort to promote its Zero Day Initiative, designed to reward security researchers for disclosing major vulnerabilities to tech companies like Apple and Google.

Pwn2Own continues on through tomorrow, so additional exploits may be uncovered. Apple representatives have been known to attend Pwn2Own competitions in past years, and all vulnerabilities discovered are disclosed to Apple. The company then has 90 days to produce patches for all iOS-related bugs before they're publicly disclosed.

Tag: Pwn2Own

Popular Stories

iPhone 17 Pro 3 4ths Perspective Aluminum Camera Module 1

iPhone 17 Pro Launching Later This Year With These 12 New Features

Sunday April 13, 2025 7:52 am PDT by
While the iPhone 17 Pro and iPhone 17 Pro Max are not expected to launch until September, there are already plenty of rumors about the devices. Below, we recap key changes rumored for the iPhone 17 Pro models as of April 2025: Aluminum frame: iPhone 17 Pro models are rumored to have an aluminum frame, whereas the iPhone 15 Pro and iPhone 16 Pro models have a titanium frame, and the iPhone ...
Read Full Article124 comments
Apple 2025 Thumb 1

10 Products Still Coming From Apple in 2025

Friday April 11, 2025 4:14 pm PDT by
Apple may have updated several iPads and Macs late last year and early this year, but there are still multiple new devices that we're looking forward to seeing in 2025. Most will come in September or October, but there could be a few surprises before then. We've rounded up a list of everything that we're still waiting to see from Apple in 2025. iPhone 17, 17 Air, and 17 Pro - We get...
Read Full Article55 comments
iPad Pro iPadOS

iPadOS 19 Will Be 'More Like macOS' in Three Ways

Sunday April 13, 2025 6:43 am PDT by
A common complaint about the iPad Pro is that the iPadOS software platform fails to fully take advantage of the device's powerful hardware. That could soon change. Bloomberg's Mark Gurman today said that iPadOS 19 will be "more like macOS." Gurman said that iPadOS 19 will be "more like a Mac" in three ways:Improved productivity Improved multitasking Improved app window management...
Read Full Article209 comments
Foldable iPhone 2023 Feature Homescreen

Foldable iPhone Resolutions Leak With Under-Screen Camera Tipped

Monday April 14, 2025 3:12 am PDT by
Apple's upcoming foldable iPhone (or "iPhone Fold") will feature two screens as part of its book-style design, and a Chinese leaker claims to know the resolutions for both of them. According to the Weibo-based account Digital Chat Station, the inner display, which is approximately 7.76 inches, will use a 2,713 x 1,920 resolution and feature "under-screen camera technology." Meanwhile, the...
Read Full Article84 comments
M6 MacBook Pro Feature 1

Waiting for the Perfect MacBook Pro? 2026 Might Be the Year

Thursday April 10, 2025 4:19 am PDT by
Apple in October 2024 overhauled its 14-inch and 16-inch MacBook Pro models, adding M4, M4 Pro, and M4 Max chips, Thunderbolt 5 ports on higher-end models, display changes, and more. That's quite a lot of updates in one go, but if you think this means a further major refresh for the MacBook Pro is now several years away, think again. Bloomberg's Mark Gurman has said he expects only a small...
Read Full Article114 comments
Apple Vision Pro with battery Feature Blue Magenta

Vision Pro 2 Rumored to Have Two Key Advantages Over Current Model

Sunday April 13, 2025 7:15 am PDT by
Apple is working on a new version of the Vision Pro with two key advantages over the current model, according to Bloomberg's Mark Gurman. Specifically, in his Power On newsletter today, Gurman said Apple is developing a new headset that is both lighter and less expensive than the current Vision Pro, which starts at $3,499 in the U.S. and weighs up to 1.5 pounds. Gurman said Apple is also...
Read Full Article121 comments
maxresdefault

The MacRumors Show: New iOS 19, iPhone 17, and Apple Watch Ultra 3 Leaks

Friday April 11, 2025 7:13 am PDT by
On this week's episode of The MacRumors Show, we catch up on the latest iOS 19 and watchOS 12 rumors, upcoming devices, and more. Subscribe to The MacRumors Show YouTube channel for more videos Detailed new renders from leaker Jon Prosser claim to provide the best look yet at the complete redesign rumored to arrive in iOS 19, showing more rounded elements, lighting effects, translucency, and...
Read Full Article14 comments
top stories 2025 04 12

Top Stories: iOS 19 and iPhone 17 Pro Rumors, Siri Revamp Turmoil, and More

Saturday April 12, 2025 6:00 am PDT by
It was a big week for leaks and rumors in the Apple world, with fresh claims about iOS 19, the iPhone 17 Pro, and even the 20th anniversary iPhone coming a couple of years from now. Sources also spilled the tea on the inner turmoil at Apple around the Apple Intelligence-driven Siri revamp that has seen significant delays, so read on below for all the details on these stories and more! iOS ...
Read Full Article7 comments
iPhone 16e Feature

iPhones, Macs, and Other Apple Devices Exempted From Trump Tariffs

Saturday April 12, 2025 9:44 am PDT by
Apple and other electronics manufacturers have received a break from Trump's reciprocal tariffs, with the U.S. Customs and Border Protection agency sharing a long list of products excluded from the levies last night. iPhones, Macs, iPads, Apple Watch, and other Apple devices will not be subject to the 125 percent tariffs that have been put in place on imported Chinese goods, nor will Apple...
Read Full Article456 comments

Top Rated Comments

btrach144 Avatar
btrach144
97 months ago
Would these security researches tell Tim cook that getting rid of touch ID was retarded?
This has nothing to do with FaceID or TouchID. Please remain relevant.
Score: 42 Votes (Like | Disagree)
SoApple Avatar
SoApple
97 months ago
Would these security researches tell Tim cook that getting rid of touch ID was retarded?
What an irrelavant and pointless comment.

On a more relevant note. This exploit has been fixed in the new update.
Score: 26 Votes (Like | Disagree)
dannyyankou Avatar
dannyyankou
97 months ago
These contests are great. They give good incentives to find security exploits, and they end up getting patched by Apple.
Score: 19 Votes (Like | Disagree)
Slix Avatar
Slix
97 months ago
The real question is: Will their exploits they found affect my iPod touch running iOS 6.1.6?

:P
Score: 14 Votes (Like | Disagree)
Aloft085 Avatar
Aloft085
97 months ago
FBI joke in 3-2-1....
No need, the FBI is the joke.
Score: 10 Votes (Like | Disagree)
WatchFromAfar Avatar
WatchFromAfar
97 months ago
On a more relevant note. This exploit has been fixed in the new update.
Has it? the post says "Apple's iPhone 7, running iOS 11.1, the latest version of the iOS 11 operating system" which came out yesterday.
Score: 10 Votes (Like | Disagree)
Read All Comments