Google Pixel Hack Highlighted At PWNFEST

Google's Pixel, the smaller of the two new phones from Google, presents Android 7.1 (Nougat) in a hand-friendly package. The hardware is powerful, and the software is clean, robust, and mostly secure. Like literally any other device that runs software ever made, of course, there is bound to be at least one way to get the phone to jump through hoops that it shouldn't be jumping through, and hacking team 360 Alpha Team, affiliated with Qihoo 360, happened to find one of those ways. They took to the floor at the first day of the PWNFEST security enthusiast and white hat hacker convention to show off their exploit, and walked away with $120,000 for their troubles.

The exploit in question was undisclosed, but allowed for remote code execution without proper authorization. In essence, the hack would allow somebody to not only gain full control of a Pixel, but also access all of the data on it, encrypted or not. 360 Alpha Team's people showed off the exploit by having the pwned device open up the front page of the Play Store without having anybody touch the phone, then crack open a Chrome window that displayed the text, "Pwned by 360 Alpha Team". Since the nature of the hack was not publicly disclosed, it's unknown if it affects only Pixel devices, all Android 7.1 devices, or all Android devices in general.

This is not the Pixel's first time being pwned, showing that the newly released dichotomy of devices has a bit of a ways to go when it comes to security. The last time a Pixel was hacked was less than two weeks ago, at the hands of Tencent's Keen Team. The hack was of the zero-day variety, and was shown off at Japan's Pwn2Own event, a well-known hackfest where, as the name implies, those who can hack a device will get one, among other prizes. That exploit is still unpatched to this day, and Google is working on a fix for both it and the more recent vulnerability found by 360 Alpha Team. With the November security patch already being out, the Android faithful can probably expect to see these two flaws patched up in one of the future security updates.

Copyright ©2019 Android Headlines. All Rights Reserved
This post may contain affiliate links. See our privacy policy for more information.
You May Like These
More Like This:
About the Author
2018/10/Daniel-Fuller-2018.jpg

Daniel Fuller

Senior Staff Writer
Daniel has been writing for Android Headlines since 2015, and is one of the site's Senior Staff Writers. He's been living the Android life since 2010, and has been interested in technology of all sorts since childhood. His personal, educational and professional backgrounds in computer science, gaming, literature, and music leave him uniquely equipped to handle a wide range of news topics for the site. These include the likes of machine learning, voice assistants, AI technology development, and hot gaming news in the Android world. Contact him at [email protected]
Android Headlines We Are Hiring Apply Now