iPhone 13 Pro hacked, Tianfu Cup, China Hackers, iOS 15 jailbreak

Since the Chinese government invoked regulations to prevent security researchers from participating in international hacking competitions such as Pwn2Own, the annual Tianfu Cup, held in Chengdu, has been an opportunity for China’s top hackers to demonstrate their skills. collective feats.

Last weekend was the last competition and the latest iPhone, the iPhone 13 Pro running the latest fully patched version of iOS 15.0.2 to be precise, was hacked in record time. Twice.

MORE FORBESWho is the mystery snail? Windows under Zero-Day Exploit attack

The Kunlun Lab team, whose CEO is a former CTO of Qihoo 360, was able to hack iPhone 13 Pro live on stage using a remote code execution exploit of the mobile Safari web browser. And do it in just 15 seconds flat.

Of course, it probably took months of preparation to get there, but the result was devastating and extremely quick. However, full details of the exploited vulnerability (s) have not yet been disclosed.

However, Kunlun Lab was not the only team to hack the iPhone 13 Pro. The Pangu team, which has a history of jailbreaking Apple devices, solidified their reputation in this regard by claiming the highest cash award of $ 300,000 for Remotely jailbreak a fully patched iPhone 13 Pro under iOS 15.

While, again, full details of how this was achieved have not been made public, reports suggest it was a one-click link triggering a remote code exploit that bypassed Safari’s security mechanisms.

MORE FORBESiOS 15.0.2: Why Apple Is Releasing Emergency Updates For The iPhone

The good news is that hacking is not a crime, as I have said over and over again.

Indeed, these teams of hackers will give the details of their exploits to Apple so that it can publish patches for these vulnerabilities. I would expect to see them in iOS 15.1 or in an upcoming iOS 15.0 security update.

The less good news is that there have been reports in the past of Chinese state actors using some of these exploits for espionage or surveillance before fixes can be released.

It should also be said that Apple products were not the only target of the Tianfu Cup 2021 event. Security researchers have also launched successful exploits against Windows 10, Microsoft Exchange and Google Chrome, among others. I’ll bring you more news of these as more details emerge.

I reached out to Apple for comment and will update this article in due course.

About Kelly Choos

Kelly Choos

Check Also

iPhone 13 Pro running iOS 15 hacked in just 1 second and we’re not even kidding!

Apple is a company that has always presented privacy as one of the main selling …