
Mobile Pwn2Own Tokyo 2014

Brian_Gorenc ‎09-02-2014 12:17 PM - edited ‎09-11-2014 11:39 AM

HP Security Research’s Zero Day Initiative (ZDI) invites you to join us for the third annual Mobile Pwn2Own competition, to be held this year on November 12-13 at PacSec Applied Security Conference in Tokyo, Japan.  We’re looking forward to rewarding the world’s top researchers for demonstrating and disclosing their stealthy attacks on mobile devices, and we’re delighted that our friends at Google’s Android Security Team and BlackBerry are joining us again as sponsors.


This year, we’re upping the prize pool to $425,000, rearranging the prize package, and introducing new devices in order to attract the best and brightest researchers and enhance security for the most popular mobile platforms.


In their sights – the mobile attack surface


In case you’re not familiar, Mobile Pwn2Own is ZDI’s annual contest that rewards security researchers for highlighting security vulnerabilities on mobile platforms. (You may have heard of its sister contest for other platforms, Pwn2Own, which was held in March this year at CanSecWest.) With the near-ubiquity of mobile devices, vulnerabilities on these platforms are becoming increasingly coveted and are actively and vigorously hunted by criminals for exploitation. This contest helps to harden these devices by finding vulnerabilities first and sharing that research with mobile device and platform vendors.


This year’s bounty


The prize pool is rising again: HP and its sponsors are offering over $425,000 (USD) in cash and prizes, $125,000 more than last year’s contest, to researchers who successfully compromise selected mobile targets from particular categories. Contestants are judged on their ability to uncover new vulnerabilities and to develop cutting-edge exploit techniques that can be used to compromise some of the world’s most popular mobile devices.


  • Mobile Web Browser ($50,000)
  • Mobile Application/Operating System ($50,000)
    • Reachable by a remote attacker (including through browser)
  • Short Distance ($75,000), either:
    • Bluetooth, or
    • Wi-Fi, or
    • Near Field Communication (NFC)
  • Messaging Services ($100,000), either:
    • Short Message Service (SMS), or
    • Multimedia Messaging Service (MMS), or
    • Commercial Mobile Alert System (CMAS)
  • Baseband ($150,000)
    • Limited to Apple iPhone, Google Nexus, BlackBerry Z30 Only

Contestants can select the target they want to compromise during pre-registration.  The details, including exact OS version, applications, firmware and model numbers will be coordinated after pre-registration. The following targets are available for selection:


  • Amazon Fire Phone
  • Apple iPhone 5s
  • Apple iPad Mini with Retina Display
  • BlackBerry Z30
  • Google Nexus 5
  • Google Nexus 7
  • Nokia Lumia 1520
  • Samsung Galaxy S5

How do I enter?


The contest is open to all registrants in the PacSec 2014 conference (as long as you meet our rather inclusive eligibility requirements).


Start by reviewing the contest rules, here. Next, if you don’t already have a free ZDI researcher account, you need to sign up here. When you’re all signed up as a ZDI researcher, it’s simply a matter of contacting us to register for the contest.


More importantly, how do I win?


Be the first to compromise a selected target in one of the categories using a previously unknown vulnerability (one that has not been disclosed to the affected vendor). You’ve got 30 minutes to complete your attempt. When you’ve successfully demonstrated your exploit and ‘pwned’ the targeted device, you need to provide ZDI with a fully functioning exploit and a whitepaper detailing all of the vulnerabilities and techniques utilized in your attack.


A successful attack against these devices must require no user interaction beyond the action required to browse to the malicious content. As always, the initial vulnerability used in the attack must be in the registered category.  The contestant must demonstrate remote code execution by bypassing sandboxes (if applicable) and exfiltrating sensitive information. To avoid interfering with licensed carrier networks, all RF attacks must be completed within the provided RF isolation enclosure.  The vulnerabilities utilized in the attack must be unpublished zero days.


As always, ZDI reserves the right to determine what constitutes a successful attack.


The vulnerabilities and exploit techniques discovered by the winning researchers will be disclosed to the affected vendors. If the affected vendor is at the conference, we can even arrange to hand over the vulnerability details onsite for the fastest possible remediation. 


If you missed it above, the full contest rules are here.


Want to know more?


We’ll be tweeting regular updates and news on Mobile Pwn2Own up to and during the contest. You can follow us @thezdi on Twitter or search for the hash tag #pwn2own. Visit for updates throughout the contest and to check out content from past contests, including photos, videos and more.


For press inquiries, please contact Jewel Timpe,





