Over the course of the summer, Samsung presented Knox Vault, a security system built at the hardware level and aimed at making its smartphones virtually inaccessible to any hacker or spyware coming from outside. Today, however, Knox Vault’s systems have capitulated to a group of hackers.
Not only that: the “surrender” of Knox Vault was downright dishonorable, since the Samsung Galaxy S22’s defenses were stormed in 60 seconds or a little less, setting a new world record for Samsung smartphones. This impressive result was achieved by hackers taking part in the Pwn2Own hackathon currently underway in Toronto, Canada.
The hackathon is organized every year to showcase the skills of security experts and white-hat hackers in discovering zero-day vulnerabilities, so it is unlikely that the security breach of the Galaxy S22 will be known to malicious hacker groups active on the web. In recent years, during Pwn2Own, experts have discovered serious flaws in devices from companies such as HP, Netgear, Sonos, TP-Link, Canon, Lexmark and Western Digital, so Samsung is just the latest company to be added to a decidedly long list.
In this case, several hackers quickly discovered flaws in the Galaxy S22: two of these proved to be particularly critical and were discovered by STAR Labs and Chim Team experts as early as the first day of the hackathon. Less than 24 hours later, the hackers managed to use these two vulnerabilities to gain complete control over the smartphone.
What sets the two teams’ “coup” apart is that they managed to hack a Galaxy S22 in just 55 seconds, compared with the approximately 4 minutes taken by the other participants in the event. At the moment it is not clear how it was possible to achieve this result, but experts speak of a problem of “improper validation of inputs”.