Every year, China holds one of the largest hackathons or competitions in the world of technology, the Tianfu Cup, which brings together the best hackers in the world to challenge the security of various products and services.
This 2020 was the opportunity for several recognized technology companies and multinationals to test their products in one of the most anticipated annual events in the world of technology. The Tianfu Cup International Cyber Security Contest It is one of the most famous and important events held in China, and it allows us to discover the vulnerabilities and security flaws that exist in different products and services on the market.
In this competition, the best hackers in the world demonstrate their abilities to detect security vulnerabilities in just a few attempts and also in a few minutes. In fact, among the conditions of this hackathon it is foreseen that the participants have 3 rounds of 5 minutes to execute their attacks, in addition to the fact that they must implement hacking techniques or attacks unknown until the moment in which the competition takes place; although they can prepare their hacks in advance as long as they prove that they are original and that they are executed live.
During this 2020 competition, which took place over the weekend, participants hacked several products from important companies such as Windows, iOS, Samsung and Google, in the estimated time of 5 minutes. Thus, with an agility capable of impressing every privileged spectator, the participants managed to hack the products of Windows 10, iOS 14, Samsung Galaxy S20 y Google Chrome.
It may interest you: Researcher discovers security vulnerability in Ledger that allows Bitcoin spending with fully valid signatures
Third edition and $1,2 million in prizes
TFC 2020 is the third edition of this annual cybersecurity competition, which awarded its competitors with 1,2 million dollars in recognition of their work, effort and skill. In total, TFC 2020 had the participation of 15 hacker groups, whose challenge was to hack 16 platforms and services from different hardware and software companies, using, as already mentioned, techniques not known at the time of the event, in three rounds of five minutes each.
Among the systems and platforms presented in this challenge are: Microsoft Edge, Google Chrome, Safari, Firefox, Adobe PDF Reader, Docker-CE, VMware Workstation, VMware ESXi, Ubuntu + qemu-kvm, iPhone 11 Pro + iOS 14, Samsung Galaxy 20, Windows 10 2004, Ubuntu 20/CentOS 8, Microsoft Exchange Server 2019, TP-Link WDR7660, and ASUS Router AX86U; of which Windows 10, iOS 14, Samsung Galaxy S20 and Google Chrome presented security vulnerabilities detected by hackers.
11 of 16 platforms hacked
The results of this hackathon were a complete success, as explained by several of the participating companies, who saw several of their products fall before the ingenuity and skill of the participants. In total, 11 of the 16 platforms that were tested during the event were hacked.
For its part, the winner of the competition, and which took more than 60% of the prize of 1,2 million, was the team of the technological giant Qihoo 360, called 360 Enterprise Security and Government and (ESG) Vulnerability Research Institute. This team received a total of $744.500 in prize money, followed by the team AntFinancial Lightyear Security Lab, which received a total of $258.000. The vulnerabilities and security flaws discovered by hackers during the event were reported to each of the development companies, without disclosing them publicly, so that companies can patch these vulnerabilities in future updates and services.
Among the systems and platforms that survived the attacks are: Microsoft Edge, VMware Workstation and Microsoft Exchange Server 2019.
Continue reading: Trustology introduces escrow firewall to ensure DeFi security
