Several software companies Microsoft, Apple, Samsung, Google and Mozilla were hacked using new exploits that had never been seen before in this year’s version of TianfuCup 2020, the major and most popular hacking competition in China.
The contest – which lasted for two days – was held in Chengdu in central China, and the third edition of the international cybersecurity competition ended earlier today.
Organizers said: Many mature and challenging goals have been tied in this year’s competition, and 11 of the 16 goals have been breached via 23 successful demos.
Successful vulnerabilities were confirmed against a number of platforms, including:
– Apple iPhone 11 Pro running iOS 14.
– Samsung Galaxy S20 running Android 10.
– Microsoft Windows 10 (April 2020 release).
– CentOS 8.
– Google Chrome.
– Apple Safari.
– Mozilla Firefox.
– Adobe PDF reader.
– Docker (Community Edition).
– VMware ESXi hypervisor.
– TP-Link TL-WDR7660 Router Firmware.
– ASUS RT-AX86U router firmware.
Fifteen teams of Chinese hackers participated in this year’s edition, and the contestants had three five-minute attempts to breach a specific target with an original exploit.
All exploits were reported to the software providers, in accordance with the competition regulations, similar to the Pwn2Own Piracy Competition Rules.
The TianfuCup competition, similar to Pwn2Own, was launched in 2018 after a government regulation in the country prohibits security researchers from participating in international piracy competitions due to national security concerns.
In the coming days and weeks, it should provide corrections for all errors shown, as usually happens after every TianfuCup and Pwn2Own.
And like last year, the winning team came from Chinese tech giant Qihoo 360, and captured nearly two-thirds of the prize pool, taking home $ 744,500 out of a total of $ 1,210,000 awarded this year.
Team Ant-Financial Light-Year Security Lab came in second, with $ 258,000, while a security researcher named Pang finished third with $ 99,500.