Macbook Air hacked in under two minutes

In a Pwn to Own contest sponsored by TippingPoint a team of security researchers have won $10,000 for hacking a MacBook Air in two minutes using an undisclosed Safari vulnerability. The team was able to gain control of a MacBook Air on the second day of the hacking competition, which pitted the Air against Windows Vista and Ubuntu machines. The team had attack code already set up on a Web site, and was able to gain access to the MacBook Air and retrieve a file after judges were "tricked" into visiting the site. According to the TippingPoint DVLabs blog, a newly discovered vulnerability in Safari was used to gain control of the Air. The contest rules stipulated that winners immediately sign a nondisclosure agreement relating to their technique, so that the vulnerability could be disclosed to the vendor, and TippingPoint said Apple has been informed of the vulnerability.

Related Posts by Categories