The Chinese government says allegations that it orchestrated the recent security breach in U.S. government computer systems as groundless. (Photo : Reuters)
360Vulcan Team, an Internet security research team from China, “broke” Microsoft’s Internet Explorer (IE) 11 browser in 17 seconds at the 2015 Pwn2Own hacking contest in Vancouver, Canada, PR Newswire reported on Thursday.
It marks the first time an Asian team has broken into the IE browser, whose latest iteration is the highest protected level to date in the two-day competition.
Used for the contest was a 64-bit version of Internet Explorer 11, which is protected by various advanced security measures including Windows 8.1 OS security mechanisms. 360Vulcan Team broke through these using an uninitialized memory vulnerability that enabled the team to execute a medium-integrity code and win the first prize of $32,500, IT security Web portal SecurityWeek said in a report.
"IE is a popular application software in China, also a challenging attack project in this contest," MJ0011, the leader of 360Vulcan Team, said.
"Only with constant innovations and improvement can we find the best security solutions," the leader added.
360Vulcan Team consists of members from the offensive and defensive research arm of Chinese Internet security company Qihoo 360 Technology. The company's flagship security solution "360 Safeguard XP Shield" was launched in 2014 using technology designed and developed by 360Vulcan Team.
As of 2009, 360Vulcan has been awarded 68 official acknowledgments from Microsoft for reporting security flaws from its products, and ranks first among global security software vendors that help Microsoft fix the flaws, PR Newswire said.
Pwn2Own, now in its eighth year as part of the annual CanSecWest security conference, challenges security researchers to hack into popular software and mobile devices using previously unknown vulnerabilities. The latest iteration of the competition is sponsored by HP and Google with a prize pool of up to $447,500.
