Samsung phones come with an in-built hardware-level security, which is known as “Knox security” and almost every midrange and flagship smartphone of the brand has that feature. Anyway, hackers who were going to take part in the Pwn2Own hacking competition targeted Samsung Galaxy S22 and they were surprisingly able to find many zero-day vulnerabilities. The competition is currently going on in Toronto, Canada.
Remember that the Zero Day Initiative (ZDI) hosts the yearly Pwn2Own hacking competition to showcase the skills of security researchers and hackers while uncovering zero-day vulnerabilities? Thanks to multiple hackers, critical “zero-day” flaws in NAS (Network Attached Storage) devices from HP, NETGEAR, Synology, Sonos, TP-Link, Canon, Lexmark, and Western Digital have been identified.
The brand’s flagship smartphone, the Galaxy S22, was also used by many hackers, who quickly discovered flaws in the device. Two critical flaws in the Galaxy S22 were revealed by the STAR Labs team and the Chim team. It happened on the first day of Pwn2Own Toronto and gave hackers complete access to the smartphone. A team by the name of Pentest Limited was successful in hacking the smartphone once more on the second day.
The Samsung Galaxy S22 was successfully hacked on day three in under 55 seconds. It has occurred four times thus far in the competition. In these ongoing days, the device has been substantially affected. A Galaxy S22 zero-day vulnerability may be used in under a minute. Security experts at Pentest Limited claim that they gained access using an attack on “improper input validation.”
It is important to note that, in accordance with the competition’s rules, the device was using the most recent version of the Android operating system as well as the most recent device update. The security expert received a $25,000 reward and five points for their research. The gadget was hacked quickly, and on the fourth day, it had been entirely hacked in less than a minute. This also demonstrates that, regardless of how competent the hackers are, the gadget has certain security flaws.