Ubuntu, Windows, And Chrome Hacked At China’s Top Hackathon


From popular OSes such as Windows 10 and Ubuntu to widely-used browsers such as Chrome and Safari, the hackers partaking in the Tianfu Cup 2020 successfully hacked several popular software programs.

For those who don’t know, the Tianfu Cup is considered the biggest hacking contest in China. The third rendition of the event took place in Chengdu, China, with 15 participating teams. The prize pool for the contest winners amounted to about $1.21 million.

The winning side, 360 Enterprise Security and Government and (ESG) Vulnerability Research Institute (Qihoo 360), won the competition for the second consecutive year. It took home a total of $744,500 — around two-thirds of the total prize pool — for its exploits.

Also, runner-up Ant-financial Light-year Security Lab and second runner-up Pang bagged $258,000 and $99,500 respectively.

Credit: Tianfu Cup

Talking of the programs successfully breached during the hackathon, the organizers revealed, “Many mature and hard targets have been pwned on this year’s contest.” Out of the targeted programs, the following were confirmed as hacked:

  • Adobe PDF Reader
  • ASUS Router AX86U
  • Chrome browser
  • Docker-CE
  • Firefox browser
  • iOS 14 via iPhone 11 Pro
  • QEMU (emulator & virtualizer)
  • Safari browser
  • Samsung Galaxy S20
  • TP-Link WDR-7660
  • Ubuntu 20/CentOS 8
  • VMWare ESXi
  • Windows 10 2004

Moreover, the teams faced three rounds of 5 minutes each for breaching a specific software with an original hack. The monetary sum for a successful attempt varied based on the software and the type of vulnerability exploited.

Additionally, as per policy, the contest organizer has reported the detected vulnerabilities to the respective software providers. The patches fixing these security risks should roll out in the coming days.

Priye Rai

Priye Rai

Priye is a tech writer who writes about anything remotely related to tech, including gaming, smartphones, social media, etc. He prefers to be called a "video game journalist" and grimaces when he doesn't get to be "Player 1." If you want to share feedback or talk about games, reach out to @priyeakapj on Twitter.
More From Fossbytes

Latest On Fossbytes

Find your dream job