Your hacker Blog

White hat hackers earn over $1 Million at Pwn2Own Austin 2021

The Zero Day Initiative’s Pwn2Own Austin 2021 hacking contest has ended, and participants earned $1,081,250 for 61 zero-day flaws.

Trend Micro’s Zero Day Initiative’s Pwn2Own Austin 2021 hacking contest has ended, the participants earned a total of $1,081,250 for 61 zero-day exploits. The participants compromised NAS devices, mobile phones, printers, routers, and speakers from Canon, Cisco, HP, NETGEAR, Samsung, Sonos, TP-Link, and Western Digital.

That brings #Pwn2Own Austin to a close. In total, we awarded $1,081,250 for 61 unique 0-days. It’s been an amazing 4 days of pwnage. Thanks again to our partner Western Digital, sponsor Synology, and all the contestants who participated. See in you Miami!— Zero Day Initiative (@thezdi) November 5, 2021This edition is the largest Pwn2Own to date, the participants earned $362,500 on the first day of the contest, $415,000 on the second day, $238,750 on the third day, and $60,000 on the last day.

The highest bounties were paid out for zero-day exploits for Sonos One smart speaker, two teams earned $60,000 each for code execution issues.

Congratulation to the Synacktiv team that won the contest and earned $197,000 for their zero-days and 20 Master of Pwn points.

Here are the final Master of Pwn standings. Congrats to @Synacktiv on claiming the title. It was a close race, but they pull through. pic.twitter.com/pf2UmZhCu1— Zero Day Initiative (@thezdi) November 5, 2021For the first time in the history of the hacking contest, white hat hackers demonstrated zero-day exploits for printers. The participants demonstrated 11 printer hacks, on the third day a team hacked an HP LaserJet printer to play the AC/DC’s Thunderstruck song.

In this edition participants also hacked the Samsun Galaxy S21, Sam Thomas (@_s_n_t) from team Pentest Limited (@pentestltd) demonstrated a zero-day exploit chain for the latest Android 11 earning $50,000.

There was also one partially successful attempt to hack the Samsung Galaxy S21, Mr L and Nguyễn Hoàng Thạch (@hi_im_d4rkn3ss) of STARLabs Team used an exploit chain that included a bug known by the vendor. They still earn $25,000 and 2.5 Master of Pwn points.

The day-by-day results for the Pwn2Own Austin 2021 are available here.

Follow me on Twitter: @securityaffairs and Facebook

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}
Pierluigi Paganini

(SecurityAffairs – hacking, supply chain attack)

The post White hat hackers earn over $1 Million at Pwn2Own Austin 2021 appeared first on Security Affairs.