19-05-2025
Hackers Make $1 Million In Weekend Zero-Day Frenzy
PWN2OWN hackers make $1 million selling zero-day exploits.
As the three-day hacking frenzy that is Pwn2Own Berlin comes to an end, the staggering extent of the skill displayed by the hackers taking part has been confirmed. With a total of no fewer than 28 completely new and unique zero-day exploits being demonstrated, and an equally impressive $1,078,750 being handed over in exchange for the vulnerabilities leading to them, the world of technology just got a little bit safer. Here's what you need to know.
I'm a hacker, that's a pretty well-known thing, but I'm not in the same league as the elite hackers who compete at Pwn2Own every year. By the way, none of us is a criminal, as hacking is not a crime. Criminal hacking is, but finding security vulnerabilities in hardware and software, platforms and services, most certainly is not. Most hackers are not in the public eye either, staying out of the headlines and just doing their bit to make the world a more secure place to live and work in. Which doesn't mean that a little bit of recognition, if not notoriety, isn't appreciated every now and then. Rather than public recognition, however, it's being appreciated by your peers that drives many of the hackers who have taken part in the Pwn2Own competitions that first started way back in 2007. That, and the money that can be made, of course. You might think that with more than a million bucks handed out at Pwn2Own Berlin, this was the primary objective. But, no, you'd be wrong: getting to the top of the Masters of Pwn leaderboard and proving themselves to be the best of the best beats cold cash any day of the week.
Pwn2Own is held twice a year, with different products and services being targeted at each event. What ties the events together is that all of the targets, be it a Tesla car system or Windows 11, have been put forward by the vendor concerned in order for it to be exposed to the best of the best as far as hackers are concerned. The idea is that individuals can discover security vulnerabilities that would otherwise remain hidden until malicious actors uncover them, and demonstrate how those vulnerabilities can be exploited. The vendors are given 90 days to fix any successful zero-days that are uncovered, before the technical details are made public. From the hackers' perspective, things are spiced up a little by their zero-day exploit attempts being strictly against the clock as well as against each other.
This year, between May 15 and 17, the Pwn2Own hackers were able to find no fewer than six zero-days in Windows 11, as well as three VMware zero-days, and two impacting Mozilla Firefox.
In all, no fewer than 28 zero-day exploits were demonstrated, and Trend Micro ZDI handed over $1,078,750 to the successful hackers in return for the vulnerability details.