2020 “Tianfu Cup” came to an end: 360 and then cut the grand prize

According tomedia reports, in this year’s Tianfu Cup, many top software programs have been attacked like never before. The Tianfu Cup is China’s largest and most prestigious hacking competition. The third Tianfu Cup in the central Chinese city of Chengdu has ended. “In this year’s competition, many mature and difficult goals have been defeated,” the organisers said. “

Vulnerabilities that have been successfully exploited include:

Run iOS 14 on the iPhone 11 Pro

Samsung Galaxy S20

Windows 10 v2004 (April 2020)

Ubuntu.

Chrome.

Safari.

Firefox

Adobe PDF reader

Docker (Community Edition)

VMWare EXSi (hypervisor)

QEMU (Emulator and Virtual)

TP-Link and Asus router firmware

15 Chinese hacking team took part in this year’s competition. Entrants have three tries, each five minutes, during which time they need to break into the selected target.

For each successful attack, researchers receive different monetary rewards based on the target and type of attack they choose.

All attacks were reported to software vendors in accordance with the rules of the competition, which were modelled on the rules of the more mature Pwn2Own hacking competition, which has been taking place in the West since the end of the first decade of the century.

Patches for all vulnerabilities demonstrated over the weekend will be available in the next few days or weeks.

As last year, the championship team came from Chinese tech giant Qihoo 360. The winners of the 360 Corporate Security and Government and (ESG) Vulnerability Institute received almost two-thirds of the total prize money, and they received $744,500 out of a total of $1.21 million this year. In second and third place were the Ant Safe Lightyeel Laboratory Foundation Research Group ($258,000) and Security Researcher Fat ($99,500).