Home News Pwn2Own Competition 2017 Announced

Pwn2Own Competition 2017 Announced

Aug 28, 2017

If you are up for earning some potentially big money, you might want to check out the Pwn2Own competition. The Pwn2Own competition is held annually, with the goal of this competition being find various vulnerabilities that are on both iOS and Android. This event is going to be held at the PacSec Security Conference. We have all of the latest details about the Pwn2Own competition 2017. This was just announced by Trend Micro.

Pwn2Own Competition Offering Up to $100,000 for Vulnerabilities

One of the biggest pieces of information to come out about the 2017 Pwn2Own competition is that the reward is up to $100,000. This is depending on the issue you have found and if there is a bonus involved.

If you have not heard about the Pwn2Own competition before, it is something Trend Micro has been putting on to encourage people to find vulnerabilities in both iOS and Android. This year the event will be held on November 1, 2017 and November 2, 2017.

Trend Micro is a security firm out of Japan, and the Pwn2Own competition is part of the Zero Day Initiative. This is all about getting security researchers to find vulnerabilities in some of the most well known and popular operating systems and brands.

Companies like Huawei, Samsung, Apple, and Google are often times the main focus for the researchers looking for vulnerabilities. Some of the devices being targeted this year include the Samsung Galaxy S8, Google Pixel, iPhone 7, and the Huawei Mate 9 Pro.

Pwn2Own Competition Details

We already told you that the 2017 Pwn2Own competition will be held on November 1 and November 2, but we have even more details to talk about. You have to find vulnerabilities using the latest version of either iOS or Android. You also have to have up-to-date security patches in place as well.

There will be over $500,000 up for grabs during the entire competition. The most you can win though for one vulnerability find is around $110,000. That includes up to $60,000 for the vulnerability itself and up to $50,000 in an add-on bonus.

The higher-paying vulnerabilities include SMS-based ones, which are around $60,000 whereas the Safari vulnerabilities are paying more around $40,000. Often times the cash prizes depend on how high of a severity the vulnerability is. Another factor is the risk that is associated with it.

When it comes to the add-on bonuses, you can earn anywhere between $20,000 and $50,000. The amount is dependent on a few different factors. You will need to execute the code with the kernel privileges. You also need to be able to reboot the device with the payload still going.

Pwn2Own Competition Is Win-Win Situation

A lot of the companies have representatives that attend the Pwn2Own competition in order to see what the security researchers have found. The companies then usually have 90 days in order to fix the issues that were found before the details are released. This is a win-win situation for everyone since it allows the companies to see the problems with their own eyes.

If you are a security researcher, it is a good thing to get involved in the Pwn2Own competition. This is because you can earn a lot of money just by pointing out vulnerabilities. The competition has a sole focus of finding security flaws in some of the most well-known operating systems.