Nexus 6P With All Security Patches Gets Pwned

One of the advantages of buying Nexus devices (and now Pixels) is that they receive up-to-date security patches for at least three years from the date of release. This makes them secure right? Unfortunately not. In the recent Mobile Pwn2Own competition sponsored by Trend Micro a team of hackers was able to pwn one of these devices.

China’s The Tencent Keen Security Lab Team was able to get a malicious app installed on a Nexus 6P on their first attempt. This malicious app, while it did not fully unlock the phone, gave them full access to user data on the phone. The hack involved sending an MMS to the phone and did not require any interaction with the phone at all. They used the remaining time to add “flair and style” to their hacks to win themselves even more prize money.

Maybe first Nexus 6p remote pwn in the world?Good job @flanker_hqd @dmxcsnsbh #MP2O pic.twitter.com/twPFj9FLsP

— KEENLAB (@keen_lab) October 26, 2016

In total, the Nexus 6P hack combined with a hack they performed on the iPhone 6S the team netted US$215,000. There was no mention of whether any teams managed to exploit the Galaxy S7, also included in the competition. All successful hacks and vulnerabilities used at Pwn2Own are disclosed to Google for patching. We would expect the exploits to be patched in hopefully the December security update.

Tencent Team Keen won $215k at PWN2OWN Mobile by attacking Nexus6p and two exploits for the iPhone iOS 10.1 released yesterday(!) pic.twitter.com/A5cvCQZdI7

— dragosr (@dragosr) October 26, 2016

With the Nexus 6P meant to be one of the most secure phones (due to it’s monthly security updates) it makes you wonder how older phones from other manufacturers would fare. It makes a good argument for including the “likelihood of receiving security updates” as a key criteria when selecting your next phone.

How much credence do you pay to these sort of competitions? Do you consider security when deciding on a phone purchase?