Teams from Microsoft Corporation (NASDAQ:MSFT) and Zoom Video Communications Inc (NASDAQ:ZM) aren’t expandable after all! This truth has come out after some benevolent hackers managed to showcase the vulnerability of the two. These hackers decided to participate in an annual competition widely known as Pwn2Own, and analysts have called their findings eye-opening.
A joint $400,000 goes out to all the contestants, with sources showing about $1 million spent in prizes. The eye-opening truth is that it is possible to target the significant and popular video conferencing tools, which implies how much could be done on a user’s PC.
The Zoom attack has stood out, and that is based on its inherent nature. Sources depict the victim as more vulnerable. The victim didn’t need to make a single click to be hacked. The other interesting attribute about Zoom’s hack was the possibility of hackers writing their names on the targeted PC.
One would be wrong terming these hackers malevolent because that would imply something drastic. A good example would be the setup of something like snooping malware on the system. Instead, these hackers succeeded in the launch of a calculator. In other words, they launched a classic proof of a successful attack.
Thijs Alkemade and Daan Keuper happen to be the big names behind the exploit. Both of them work with a Netherlands-based security testing company known as Computest. These hackers worked with a three-bug chain in their efforts to exploit Zoom’s messenger. One of the earliest signs of success for the team was the moment they succeeded in getting to the target system and obtaining the code execution.
The hacker’s success has shocked top experts, who couldn’t figure out how they could’ve achieved so much without the target clicking on anything.
A Trend Micro organization known as ZDI happens to be the big name behind Pwn2Own’s operations. This organization discloses the name of the winner that got the $200,000 as OV. He succeeded in combining a pair of bugs for the demonstration.
Reports show other successful hacks, good examples being several other hacks on Microsoft technologies. It was a massive competition that saw the hackers conduct successful hacking activities on Windows 10 and Exchange.