Min menu


TianfuCup competition allows many systems hacked


Many software companies Microsoft, Apple, Samsung, Google and Mozilla have been hacked using new exploit methods unprecedented in this year's version of TianfuCup 2020, China's biggest and most famous piracy competition.

The two-day competition was held in Chengdu, central China, and the third edition of the International Cybersecurity Competition ended earlier today.

Organisers said: Many mature and difficult goals have been linked in this year's competition, and 11 of the 16 goals have been breached through 23 successful demos.

Successful gaps against a number of platforms were confirmed, including:

  • Apple iPhone 11 Pro iOS 14.
  • Samsung Galaxy S20 on Android 10.
  • Microsoft Windows 10 (April 2020 release).
  • Ubuntu Ubuntu.
  • CentOS 8.
  • Google Chrome.
  • Apple Safari.
  • Firefox Mozilla Firefox.
  • Adobe PDF reader.
  • Docker (community version).
  • VMware ESXi hypervisor.
  • QEMU.
  • TP-Link TL-WDR7660 router firmware.
  • Firmware for the router ASUS RT-AX86U.

Fifteen teams of Chinese infiltrators participated in this year's edition, and the contestants had three five-minute attempts to break through a target with an original exploit.

For each successful attack, the researchers received financial rewards that varied depending on the goal they chose and the type of vulnerability.

All exploitations were reported to software providers, in accordance with competition regulations, similar to pwn2Own piracy competition rules.

The TianfuCup, like Pwn2Own, began in 2018 after a state government regulation banning security researchers from participating in international piracy competitions due to national security concerns.

In the coming days and weeks, corrections are supposed to be provided for all errors that have been displayed, as is usually the case after each TianfuCup and Pwn2Own competition.

Like last year, the winning team came from Chinese technology giant Qihoo 360, and acquired nearly two-thirds of the total prizes, earning $744,500 out of a total of $1210,000 awarded this year.

Ant-Financial Light-Year Security Lab came in second with $258,000, while a security researcher named Pang came in third with $99,500.