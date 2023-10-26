Galaxy S23 was targeted by hackers during the first day of Pwn2Own in Toronto, a contest that highlights device security flaws.

Toronto, Canada: Skilled hackers compete to exploit vulnerabilities zero-day to gain full control of your devices.

It’s about Pwn2Own, competition organized by the Zero Day Initiative Of Trend Microan interesting test bed for the abilities of hackers around the world to detect and exploit not yet known weaknesses in the most widespread technological devices. It seems that Galaxy S23 is not such a safe against cyber penetration attempts, given that it was the subject of two violations on the first day of the contest. The first exploit was found from an allowed list of inputs mentioned by the competition, while the second group managed to exploit the Galaxy S23’s input validation technique.

Hackers on board Samsung Galaxy S23 is the latest flagship from the South Korean company With the help of improper input validation, hackers managed to trick an app and then execute malicious code while gaining control of the smartphone’s resources.

The rules of the competition establish the maneuver radius of the participants, which means that the steps necessary to compromise the device have been performed by browsing the target's default browser, using NFC, Wi-Fi or Bluetooth. The device must also be running on the latest software version and with the latest security patch – in the case of the Galaxy S23 it was not possible to use the upcoming One UI 6.0. The team Pentest Limited was the first to hack the Galaxy S23, exploiting a weakness in input validation to execute arbitrary code while gaining total control of the device.

For this feat, they received an award of $50,000. Next, the team STAR Labs SG also had success exploiting a similar vulnerability to compromise the same smartphone model, earning a reward of $25,000.