Security News > 2021 > April > Pwn2Own 2021 Participants Earn Over $1.2 Million for Their Exploits
The Pwn2Own 2021 hacking competition has come to an end, with participants earning more than $1.2 million - more than ever paid out at the event - for exploits in the browser, virtualization, server, local privilege escalation, and enterprise communications categories.
The highest rewards were paid out to team Devcore for an Exchange server exploit, a researcher named OV for a Microsoft Teams exploit, and Daan Keuper and Thijs Alkemade from Computest for a zero-click Zoom exploit.
"We are working to mitigate this issue with respect to Zoom Chat, our group messaging product. In-session chat in Zoom Meetings and Zoom Video Webinars are not impacted by the issue. The attack must also originate from an accepted external contact or be a part of the target's same organizational account. As a best practice, Zoom recommends that all users only accept contact requests from individuals they know and trust," explained a Zoom spokesperson.
Several Ubuntu privilege escalation exploits were rewarded with $30,000 each.
According to Trend Micro's Zero Day Initiative, which organizes Pwn2Own, participants took home $1,210,000 of the $1.5 million prize pool, more than in any other previous year.
In comparison, in 2020, participants only earned $270,000 for their exploits.