The iPhone 13, which launched on September 24th, has already been hacked. It was running iOS 15.0.2 – the latest version of Apple’s mobile OS.
The good news is that the hack was done under controlled conditions, during the Tianfu Cup. It is a popular cyber-security competition held in Chengdu, China.
The Tianfu Cup was held from October 16th – October 17th, offering ethical hackers a chance to exploit vulnerabilities and identify backdoors in popular operating systems and software.
The iPhone 13 Pro Was Hacked Live on Stage
Kunlun Lab, a team of ethical hackers, netting a cool $120,000 in cash by jailbreaking a fully-patched iPhone 13 Pro running iOS 15.0.2.
The CEO of Kunlun Lab pulled quite a feat, using a remote code execution exploit found in Safari to hack the device. Apple’s security was breached in under 15 seconds.
It is obvious that the team put considerable research into identifying and exploiting these vulnerabilities. However, the results are still nothing short of shocking.
Apple has made a big deal of its device security and privacy, touting an array of advanced security features. The fact that it was hacked under 15 seconds is a resounding testament to how quickly security can be breached in modern-day devices.
This is the first instance where an iPhone 13 has been remotely hacked since it was released. It goes without saying that Apple will be taking keen notice of the flaws in their security infrastructure, and will be planning security updates very soon.
Contestants were asked to bypass Pointer Authentication Code, or “PAC,” and Kunlun Lab managed to do that in devastating fashion.
Team PangU Managed a Remote Jailbreak on the iPhone 13 Pro
According to a tweet by the CEO of Kunlun Lab, Team PangU also managed to implement a remote jailbreak on the device, which landed them a cool $300,000. This was the top prize in the competition. The prizes were divided into three tiers:
- $300,000 for a remote jailbreak
- $180,000 for a sandbox escape
- $120,000 for remote code execution
The Tianfu Cup doesn’t just focus on iPhones, however. Other devices, including Chromebooks, Windows 10 devices, Linux systems, and even Xiaomi smartphones were subjected to hacking.
Ethical hacking is not illegal, and many companies keenly follow these competitions to identify flaws and patch them. It’s one of the reasons why exact details regarding the Tianfu Cup are not publicly available.
These tournaments are subject to disclosure policies, and the hacks are generally fixed before the details are revealed to the general public.