Photo Credit: The ZDI
A number of popular devices from the likes of Amazon, Netgear, Sony, Samsung, TP-Link, and Xiaomi were hacked by various white hat hacker teams as part of the Pwn2Own Tokyo 2019 competition. The organisers of the event will be sharing the details of the hacks with the respective companies to release the patched versions of their devices in the future. The hackers managed to crack Amazon Echo Show 5 smart speaker, Samsung Q60 TV, Sony X800G TV, Netgear Nighthawk Smart Wi-Fi Router R6700, and TP-Link AC1750 Smart Wi-Fi router, apart from the Samsung Galaxy S10 and Xiaomi Mi 9 smartphones on the first day of the competition, as well as part of the second day.
Another team, Pedro Ribeiro and Radek Domanski who call themselves Flashback targeted the LAN and WAN interfaces of the TP-Link AC1750 Smart Wi-Fi router and were successful. They also succeeded in cracking both LAN and WAN interfaces of Netgear Nighthawk Smart Wi-Fi Router R6700.
Most of these devices were hacked on the first day, and the second day is still going on and we are likely to see more exploits of some of the already existing devices and more. We will update this space as and when the day two ends.
As mentioned, the Pwn2Own Tokyo 2019 team will share these exploits with the respective companies to get them fixed.