The new Google Pixel and Pixel XL might be the most sought-after devices in the smartphone market right now, but a Chinese team of hackers has just demonstrated that the Pixel phones could also be the easiest to break into.
In just under 60 seconds, the team, which was taking part in a PwnFest hacking competition held in South Korea’s capital of Seoul, managed to use a zero-day vulnerability and successfully installed a code on the device. Known as Qihoo 360, the Chinese team went ahead and launched the official Google Play Store app on the hacked Google Pixel as well as the mobile version of Chrome browser.
To show that it was indeed their work, the hackers successfully displayed a “Pwned by 360 Alpha Team” message – a collective effort that made Google pay them $120,000. This also means that the previous claims by a Google engineer that the Google Pixel and Pixel XL are just as secure as the current iPhone 7 and 7 Plus are a huge doubt. Nonetheless, Google will now go back to the drawing board and try to patch the hole.
Whether this vulnerability can easily be exploited by other hackers or not remains to be seen. But given the swiftness at which the Chinese team did it, Google Pixel and Pixel XL owners should be warned that anything is possible. Google has not released a statement of when the vulnerability will be taken care of, but it should be soon.
In addition to bagging $120,000 from Google, the Qihoo 360 team also went ahead to add another $400,000 in cash prizes after discovering vulnerabilities in Windows 10’s Microsoft Edge browser as well as Adobe Flash Player.
In the end, the Chinese hackers walked away with a total of $520,000 in cash. How about that for a day’s work?