Posted on November 18, 2019 at 5:43 PM
Just last year, the government of China forbade the country’s security experts from taking part in hacking competitions outside the country. The goal was to ensure that the secrets behind the weak points of the software applications are not leaked outside China. This ruling had a ripple effect as major hacking competitions were mainly peopled by eager participants from China. Pwn20wn is a very good example of this.
Chinese Government Adapts
In order to adapt to the change after the ban, the government of China decided to launch a Chinese counterpart in the contest. It was designed for local researchers and it was known as TianfuCup. For the present version of the TianfuCup, the changes were visible right from the first day.
In fact, the security experts from China were able to detect zero-day weaknesses in Microsoft Edge (running on EdgeHTML). They also discovered similar flaws in Adobe PDF Reader, Safari, Google Chrome, Office365, quemu-kvm + Ubuntu and D-Link DIR-878 Router.
In 2016, the unit that led was Team 360Vulcan and it won when it hacked Google Chrome in just 11 minutes. The same team is the leader at this year’s version of the TianfuCup.
More Skills from Brilliant Minds
On the second day, the Chinese hackers had opened up the weak points in D-Link DIR-878 router, Adobe PDF Reader and VMWare Workstation. Team 360Vulcan was to do the same to iOS in their duration. However, they fell by the way before they were able to pull it off.
But that did not stop the brilliant team from clinching the top prize. It got prize money of $382,500 for hacking Microsoft Office 365, VMWare Workstation, Microsoft Edge, Adobe PDF Reader, and qemu+Ubuntu.
A significant bulk of the money that Team 360Vulcan carted away was from their works on VMWare and qemu+Ubuntu. This is because the valuation for these two stood at $200,000 and $80,000 respectively. This is definitely a big deal as it is China’s real elite hacking contest. It is safe to say that their counterparts from the Western nations are also going to be paying very close attention to the discoveries and results from the hacking contest.
The competition was held in the Chinese city of Chengdu. It lasted over a period of 48 hours, from the 16th to the 17th of November. At the event, Chinese security experts tested the limits of some of the most used applications on the planet.
The aim was to penetrate and control an application. However, this was to be done by making use of weaknesses that have not been discovered by anyone else before. If the penetration succeeds and they are able to break down the application, then the researchers are going to get points.
These points are summed up at the end of the day and they determine who will get the cash prizes. The contest is more than the money, it also automatically gives nationwide and global prominent to the computer wizards who were able to pull it off.