When you see an article involving America, China, and hacking – well, you got to click on it to read further. But luckily, this news is not as bad as you expect. In fact, American tech giant, Google, welcomes this kind of hacking as it does not involve any national security threat or anything and they offer big cash rewards to the men and women who do it. Despite having the latest version of Android and power-packed hardware specifications, it seems that the Google Pixel and Pixel XL aren’t completely free of issues. 😯
In a recently held Hackathon in Seoul Korea, a Chinese hacker group called Qihoo 360 targeted Google’s Pixel smartphone and managed to do it in less than a minute!
The group, as reported by The Register website, exploited a zero-day vulnerability to gain remote access to the handset. For those unaware, a zero-day vulnerability is a software flaw that is undisclosed and thus can be exploited by hackers. The exploit, when accessed, reportedly launches Google Play Store before opening Google Chrome with the web page that reads ‘Pwned By 360 Alpha Team’. The hackers further showed how they gained access to the Pixel and Pixel XL’s contacts, photos, messages and call logs using a rogue app running in the background.
Fortunately, the Qihoo team was only interested in showing off their skills and pocketing the $120,000 bounty offered by Google. They’re white hat hackers, which makes sense when you know that their employer is one of the largest security software companies in China.
The group also showed vulnerability in Microsoft’s Edge browser and Adobe Flash.
According to some users who got their hands on Google’s newest smartphones, the camera shows an extreme amount of lens flare (or halo effect) while clicking shots in broad daylight. Google replied that it is aware of the issue and will address the bug soon.
Qihoo 360′s security team has been in the spotlight before. Two years ago they pulled off a similar attack on a Tesla Model S. They were able to control its locks, sound the horn, and even open the sunroof while the car was being driven. More worryingly, they shut down the car’s stability and traction controls and interfere with its onboard charging system.
But just like they did with the Pixel phone, they provided the details of their exploit to Tesla and offered to help them fix it. 😕