Article Details

Over 70 zero-day flaws get hackers $1 million at Pwn2Own Ireland. The fourth day of Pwn2Own Ireland 2024 marked the end of the hacking competition with more than $1 million in prizes for over 70 unique zero-day vulnerabilities in fully patched devices. The hacking contest pits security researchers against various software and hardware products, in an attempt earn the "Master of Pwn" title by compromising targets in eight categories ranging from mobile phones, messaging apps, home automation, and smart speakers to printers, surveillance systems, network-attached storage (NAS), and SOHO Smash-up. This edition of Pwn2Own was the fourth consecutive one where white-hat hackers passed over the million-dollar prize mark, earning a total of $1,066,625. During the last day of the competition, security researchers successfully exploited devices from Lexmark, True NAS, and QNAP: Viettel Cyber Security received the "Master of Pwn" award for collecting a total of 33 Master of Pwn points. They earned $205,000 for the flaws demonstrated in QNAP NAS, Sonos speakers, and Lexmark printers. The next Pwn2Own event is scheduled for January 22, 2025, and will happen in Tokyo, Japan. The event focuses on the automotive industry and has four categories for participants: Tesla, In-Vehicle Infotainment (IVI), Electric Vehicle Chargers, and Operating Systems. Zero Day Initiative (ZDI) has published details about the categories and the money prizes for successful exploitation. The rules of the competition are available here.