Google recently touted that their new Pixel and Pixel XL smartphones were as secure as Apple’s iPhone, but that definitely doesn’t seem to be the case. A group of Chinese hackers who work at a security firm called Qihoo 360 managed to use an exploit that gave them full remote access to the device, as well as access to personal information including contacts, phone calls, messages, and photos. The hack took place at the PwnFest event in Seoul, South Korea last Friday.
This isn’t the first time the Pixel or Pixel XL was compromised as hackers from Tencent’s Keen Labs also managed to hack into the Pixel at Japan’s Pwn2Own event last month.
The Google hack was patched within 24 hours of PwnFest, and the Keen Labs exploit has apparently been patched already. Qihoo 360 netted themselves a cool $120,000 for making short work of the Pixel, as well as another $120,000 for exploiting Adobe Flash in under 4 seconds while a separate group of hackers managed to exploit Apple’s Safari browser in under 20 seconds (netting them $80,000).
While most Pixel patches will be pushed through to consumer devices by Google, if the exploit affects other OEM devices it is up to OEMs to push out the patch to Telcos and subsequently to consumer devices. In some cases, especially for older devices, this patch may never come as many OEMs are behind on keeping current with the monthly Android security patches.
What do you think about the recent Google Pixel hacks at both PwnFest and Pwn2Own? Let us know in the comments below or on Google+, Twitter, or Facebook.Source: The Register