IPhone 13 Pro remote jailbreak earns researchers $ 300,000 in hacking contest

A jailbreak group has reportedly won a cash prize of $ 300,000 in the annual Tianfu Cup hack competition in China, by remotely jailbreaking an iPhone 13 Pro running iOS 15.

The Tianfu Cup hacking contest is the Chinese counterpart to Pwn2Own-style contests elsewhere in the world, offering big prizes to researchers who bypass protections on consumer devices and software. On the first day of the 2021 competition, it looks like a team has already won a major prize by successfully attacking an iPhone 13 Pro.

The Pangu team, best known for jailbreaking Apple hardware, reportedly managed to lead an attack on the iPhone 13 Pro and iOS 15 at the highest possible price point. According to a Tweeter by Kunlun Lab CEO @ mj0011sec spotted by iDownloadBlog, Team Pangu achieved a remote jailbreak, winning the highest price offered for the device and first place in the competition standings.

According to the competition’s website, the teams were to allow the iPhone 13 Pro to browse a remote URL, to allow entrants to “control the phone system.” As part of the challenge, competitors had to bypass “CAP mitigation,” with additional prizes offered for a sandbox breakout or jailbreak.

Three prize tiers were associated with the iPhone 13 Pro, with remote code execution winning $ 120,000, while RCE with a sandbox breakout securing the contestant $ 180,000. For remote jailbreak, the price is $ 300,000.

The iPhone is just one of many targets in the global competition, covering both Apple devices and products from other companies. Other targets include RCE attacks against Safari running on both Intel and Apple Silicon MacBook Pro models, as well as a Synology NAS, a Xiaomi Mi 11 smartphone, and Windows 10 and Google Chrome running on laptops, among others. .

With another day to go, it’s likely that more successful attempts against Apple hardware, and more, will be reported before the competition officially ends.

In the 2020 contest, two sandbox breakouts were made against an iPhone running iOS 14, earning entrants $ 180,000 for each.

Details of the hack are unlikely to be made public anytime soon, as responsible disclosure policies typically require that the hack be reported to affected companies or developers for remediation prior to a public disclosure.

Read on AppleInsider

About Kelly Choos

Kelly Choos

Check Also

iPhone 13 Pro running iOS 15 hacked in just 1 second and we’re not even kidding!

Apple is a company that has always presented privacy as one of the main selling …