At the EUSecWest 2012 conference, a Mobile Pwn2Own is taking place to test vectors on smartphones mobile web browsers, operating systems, NFC, SMS, and cellular baseband. Prizes are offered to the security researchers able to compromise the device. They will be rewarded with a cash prize and the device itself.
A successful attack against these devices must require little or no user interaction and must compromise or exfiltrate useful data from the phone. Any attack that can incur cost upon the owner of the device (such as silently calling long-distance numbers, eavesdropping on conversations, and so forth) is within scope.
The rules for Mobile Pwn2Own 2012 are detailed at the Tipping Point site.
Vector : Prize
Mobile Web Browser: $30,000 USD
Mobile Operating System: $30,000 USD
NFC: $40,000 USD
SMS: $40,000 USD
Cellular Baseband: $100,000 USD
Nokia Lumia 900 (Windows Phone 7.5 OS version: 7.10.8779.8)
HTC Titan II (Windows Phone 7.5 OS version: 7.10.8112.7)
Samsung Galaxy Nexus (GT-I9250 Android version: 4.1.1)
Samsung Galaxy SIII (SGH-T999 )Android version: 4.0.4
Sony Xperia P (Android version: 4.0.4 Build number: 6.1.B.0.544)
BlackBerry Bold 9900 (7.1 Bundle 998 )
Apple iPhone 4S (Version 5.1.1 (9B206) Carrier AT&T 12.0)
(Image courtesy of ZDI Twitter)
So far, the iPhone 4S and Galaxy S 3 have been compromised according to tweets from the Zero Day Initiative.
MWR Labs detailed their exploit of the Galaxy S III running Android 4.0.4 in a posting at their website.
MWR showed an exploit against a previously undiscovered vulnerability on a Samsung Galaxy S3 phone running Android 4.0.4. Through NFC it was possible to upload a malicious file to the device, which allowed us to gain code execution on the device and subsequently get full control over the device using a second vulnerability for privilege escalation.
More demos and exploits are promised at the conference tomorrow, so watch for this article to be updated with further results.
Update: I guess that was it. No new pwnings surfaced on the second day of Mobile Pwn2Own 2012.