White Hat Hackers Earn $500,000 On First Day of Pwn2Own Ireland 2024 (securityweek.com)
(Wednesday October 23, 2024 @11:30PM (BeauHD)
from the not-too-shabby dept.)
- Reference: 0175311973
- News link: https://it.slashdot.org/story/24/10/23/2213229/white-hat-hackers-earn-500000-on-first-day-of-pwn2own-ireland-2024
- Source link: https://www.securityweek.com/white-hat-hackers-earn-500000-on-first-day-of-pwn2own-ireland-2024/
An anonymous reader quotes a report from SecurityWeek.com:
> White hat hackers taking part in the Pwn2Own Ireland 2024 contest organized by Trend Micro's Zero Day Initiative (ZDI) have [1]earned half a million dollars on the first day of the event , for exploits targeting NAS devices, cameras, printers and smart speakers. The highest single reward, $100,000, was earned by Sina Kheirkhah of Summoning Team, who chained a total of nine vulnerabilities for an attack that went from a QNAP QHora-322 router to a TrueNAS Mini X storage device. Another exploit chain involving the QNAP QHora-322 and TrueNAS Mini X products was demonstrated by Viettel Cyber Security, but this team earned only $50,000.
>
> A significant reward was also earned by Jack Dates of RET2 Systems, who received $60,000 for hacking a Sonos Era 300 smart speaker. QNAP TS-464 and Synology DiskStation DS1823XS+ NAS device exploits earned $40,000 each for two different teams. Participants also successfully demonstrated exploits against the Lorex 2K WiFi, Ubiquity AI Bullet, and Synology TC500 cameras, and HP Color LaserJet Pro MFP 3301fdw and Canon imageCLASS MF656Cdw printers. These attempts earned the hackers between $11,000 and $30,000. According to ZDI, a total of $516,250 was paid out on the first day of Pwn2Own Ireland for over 50 unique vulnerabilities.
[1] https://www.securityweek.com/white-hat-hackers-earn-500000-on-first-day-of-pwn2own-ireland-2024/
> White hat hackers taking part in the Pwn2Own Ireland 2024 contest organized by Trend Micro's Zero Day Initiative (ZDI) have [1]earned half a million dollars on the first day of the event , for exploits targeting NAS devices, cameras, printers and smart speakers. The highest single reward, $100,000, was earned by Sina Kheirkhah of Summoning Team, who chained a total of nine vulnerabilities for an attack that went from a QNAP QHora-322 router to a TrueNAS Mini X storage device. Another exploit chain involving the QNAP QHora-322 and TrueNAS Mini X products was demonstrated by Viettel Cyber Security, but this team earned only $50,000.
>
> A significant reward was also earned by Jack Dates of RET2 Systems, who received $60,000 for hacking a Sonos Era 300 smart speaker. QNAP TS-464 and Synology DiskStation DS1823XS+ NAS device exploits earned $40,000 each for two different teams. Participants also successfully demonstrated exploits against the Lorex 2K WiFi, Ubiquity AI Bullet, and Synology TC500 cameras, and HP Color LaserJet Pro MFP 3301fdw and Canon imageCLASS MF656Cdw printers. These attempts earned the hackers between $11,000 and $30,000. According to ZDI, a total of $516,250 was paid out on the first day of Pwn2Own Ireland for over 50 unique vulnerabilities.
[1] https://www.securityweek.com/white-hat-hackers-earn-500000-on-first-day-of-pwn2own-ireland-2024/