Security News > 2022 > December > Pwn2Own contest concludes with nearly $1m paid out to ethical hackers

Pwn2Own paid out almost $1 million to bug hunters at last week's consumer product hacking event in Toronto, but the prize money wasn't big enough attract attempts at cracking the iPhone or Google Pixel because miscreants can score far more from less wholesome sources.

The contest planned to give away $250,000 for a successful iPhone or Google Pixel exploit, he told The Register, in an exclusive interview at the end of the four-day event.

"We talk to people across different sectors as far as the bug economy goes, and some of the things that we've heard is to get a zero-click iPhone exploit, the price can go up to $15 million."

"Especially in some places where it's legal, for example, selling to an exploit broker or somebody's going to resell it. But the flip side of that is: once you go down that route, it's very hard to get out of it."

This most recent event in Toronto was the largest-ever with 26 contestants submitting 66 entries over the four-day event that paid out $989,750 for successful exploits across mobile phones, smart speakers, routers, printers, and network-attached storage devices.

"Maybe the average consumer is not concerned about some of these exploits - although they should be - but I can tell you the commercial customers that we deal with are definitely concerned," he told The Register.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/12/13/pwn2own_wraps/