Since the Chinese government instituted laws prohibiting security researchers from competing in foreign hacking competitions such as Pwn2Own, the annual Tianfu Cup, held in Chengdu, has served as a showcase for China’s greatest hackers.
The latest challenge took place this past weekend, and the newest iPhone, the iPhone 13 Pro running the most recent and fully patched version of iOS 15.0.2, was hacked in record time. Twice.
Using a remote code execution attack of the mobile Safari web browser, the Kunlun Lab team, whose CEO is a former CTO of Qihoo 360, was able to hack the iPhone 13 Pro live on stage. And you can accomplish it in under 15 seconds.
See Also: Apple Event 2021 Highlights: Everything Apple Announced At ‘California Streaming’
Of course, getting to this point took months of planning, but the end result was devastating and devastatingly fast. However, the entire scope of the exploited weakness or vulnerabilities has yet to be exposed.
However, the Chinese Kunlun Lab was not the only group to hack the iPhone 13 Pro. Team Pangu, which has a history of jailbreaking Apple devices, solidified its name by winning the top $300,000 cash prize for remotely jailbreaking a fully patched iPhone 13 Pro running iOS 15.
While the exact details of how this was accomplished have not been made public, reports imply that a one-click link was used to activate a remote code vulnerability that circumvented Safari security safeguards.
It’s a story that repeats itself almost every year: Apple unveils a new iPhone 13 series with slightly larger screens, faster processing, and better cameras — but no substantial new features. As a result, security breaches are unavoidable.