Trend Micro Offers More Than US$500,000 at Mobile Pwn2Own 2017
- Written by Reporters
HONG KONG, CHINA - Media OutReach - August 30, 2017 - In the continued effort to thwart malicious attacks against consumers and enterprises, Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global leader in cybersecurity solutions, today announced the Zero Day Initiative's Mobile Pwn2Own contest. This year's event will take place Nov. 1-2, during the PacSec 2017 Conference in Tokyo, Japan. The contest rewards security researchers for demonstrating and disclosing zero-day attacks on the latest and most popular mobile devices.
Contestants will be awarded cash and prizes during the competition for vulnerabilities and exploitation techniques against the most up-to-date patches in popular mobile platforms. This year's targets include the Apple iPhone 7, Samsung Galaxy S8, Google Pixel and Huawei Mate9 Pro. Following the contest, vendors will have 90 days to produce patches for these bugs, instead of the standard 120 disclosure window. This reflects the integrity of successful exploits produced during the contest. As these are practical vulnerabilities with demonstrated applications, a shortened patch window helps provide quicker protection for the end user against potentially damaging bugs.
"This contest embodies Trend Micro's leadership in encouraging and facilitating the discovery of zero-day vulnerabilities," said Mike Gibson, vice president of threat research for Trend Micro. "Rewarding responsible disclosure of these bugs promotes our overarching goal of making everyone safer online. Researchers participating in the contest gain notoriety and can win a significant amount of money, and vendors are given the opportunity to patch zero-day vulnerabilities that might have otherwise wreaked havoc on their systems."
To emphasize the importance of vigilance against these threats and responsible disclosure, this year's event offers larger prizes than ever before, with a prize pool of more than $500,000USD. The contest consists of four categories including browsers, short distance and WiFi, messaging and baseband, which is returning this year. A complete list of targets and prizes are listed below:
Categories | Target | Cash Prize | Master of Pwn Points |
Browser | Chrome | $50,000 (USD) | 10 |
Safari | $40,000 (USD) | 10 | |
Browser | $30,000 (USD) | 8 | |
Short Distance and WiFi | Bluetooth | $40,000 (USD) | 8 |
NFC | $50,000 (USD) | 8 | |
WiFi | $60,000 (USD) | 8 | |
Messaging | SMS | $60,000 (USD) | 12 |
MMS | $60,000 (USD) | 12 | |
Baseband | * | $100,000 (USD) | 20 |
In addition to the standard categories and prizes, there are add-on bonuses for executing code with kernel privileges and having the payload persist after a reboot. These bonuses will help contestants reach the coveted title, "Master of Pwn," by adding additional points to their running total from each successful exploit.
To learn more about Mobile Pwn2Own, please visit: https://www.zerodayinitiative.com/blog/2017/8/24/mobile-pwn2own-2017-returns-to-tokyo.
Follow @thezdi and @trendmicro during the event, or follow the #MP2O hashtag, for up-to-date coverage of attempts.
About Trend Micro
Trend Micro Incorporated, a global leader in cyber security solutions, helps to make the world safe for exchanging digital information. Our innovative solutions for consumers, businesses, and governments provide layered security for data centers, cloud environments, networks, and endpoints. All our products work together to seamlessly share threat intelligence and provide a connected threat defense with centralized visibility and control, enabling better, faster protection. With more than 5,000 employees in over 50 countries and the world's most advanced global threat intelligence, Trend Micro enables users to enjoy their digital lives safely. For more information, visit www.trendmicro.com.hk.
Source http://www.media-outreach.com/release.php/View/3856#Contact