The annual Pwn2Own event organized by the Zero Day Initiative (ZDI) was held in Toronto, Canada. Basically, it’s a research conference where hackers can demonstrate their ability to hack commercial products. Subsequently, all the data is transferred to the manufacturers in order for them to “patch the holes”.
As part of Pwn2Own, hackers found various vulnerabilities in network attached storage (NAS) from HP, NETGEAR, Synology, Sonos, TP-Link, Canon, Lexmark and Western Digital, but the Samsung Galaxy S22 was the fastest they managed to crack.
Teams of hackers STAR Labs and Chim already on the first day of Pwn2Own found two holes in the security of the Galaxy S22 that allowed full access to the phone. On the second day of the event, hackers from the Pentest Limited group hacked the phone again, and on the third day, the Galaxy S22 was hacked for the fourth time, and in record time – in just 55 seconds.
It is important that all devices submitted for hacking within Pwn2Own have all the latest updates installed – this is one of the requirements of the contest.