Google Pixel and Pixel XL have been amidst the news owing to the competition that it poses to iPhone. In fact, many individuals and critics have stated that Google Pixel is literally on par with the security that iPhone users get. But sadly, the statements were proved wrong when a team of white hat hackers demonstrated that “Hacking Google Pixel” was a child’s play and they did it in less than 60 seconds at PwnFest 2016. Yes, you read it right, in less than 60 seconds. The team of white hat hackers’ work for a Chinese security solution company named, Qihoo 360. The feat was achieved by the hacker at PwnFest, a hacking competition which is held in Seoul South Korea.
What was the Pixel Hack and how was it achieved?
At the event, the team from Qihoo 360 demonstrated a zero-day exploit that allowed them to gain a remote access to the device. The exploit handed over the remote code execution to the hackers in less than 60 seconds, which in turn allowed them to remotely install a code on the device. The team also did leave quite a mark on the device when they remotely opened the Google Chrome Browser with the text “Pwned by 360 Alpha Team”.
The feat achieved by the Qihoo 360’s white hat hackers certainly gave a huge blow to the comments made by Adrian Ludwig. According to the Android Director, Google’s Pixel was on the same level with Apple’s devices with respect to security issues. The claims were further aggravated considering the fact that Android is open source and allows a lot of customizations.
What about Google Pixel Users, Are they safe?
This is not the only situation where the vulnerability was exploited on Google Pixel. In another event in Japan; Tencent’s keen Labs also breached the device. The vulnerability allowed anybody to unlock the device using a default command. There is no doubt about the fact that how risky is this default voice command. Team Qihoo 360 were not interested in using the exploit with wrong intentions. They did come away with a cash prize of $120,000. The team has also sent over the details of the Google Pixel vulnerability to Google, with the company now working on a patch that will protect owners of the smartphone from the security issue.
It will be interesting to see how Google reacts to the security loopholes that Google Pixel has. It will be interesting to see how many new vulnerabilities are discovered in the coming days. The PwnFest saw many devices lose out to attempts of the breach. The notable ones include MacOS Sierra, VMWare Workstation, Microsoft Edge, etc. Qihoo 360, on the other hand, walked away with whopping prize money of $520,000.