The Rise Of Ethical Hackers - Let The Bounty Hunting Begin!

Well, well well! It seems like our own favourite ethical hacker, Rafay Baloch, is about to meet the clan  with whom he shares his talents! If you still haven't figured out who R.B is, please do your homework before falling in love with us! (yes, I said it!)

Security researchers and ethical hackers are massing up in Vancouver at the CanSecWest conference this time of the year. The crowd is going to be equipped and ready to hunt down every vulnerability possible in Chrome, Internet, Explorer and Java (good riddance since Java has attacked over and over again since 2013 began). And in doing so, they will be able to bag generous cash prizes.


Pwn2Own is organising the event offering over half a million dollars in cash prizes for anyone who successfully attempts to ethically hack a selected target.

The rules are simple:

1. Vulnerability has to be previously unknown.
2. Computers should be running fully patched versions of Windows 7, 8 and OS X Mountain Lion
3. A full sandbox (if present) escape is required to win.

Rules and Regulations from Pwn2Own can be found on their link.

The list of targets and the cash prizes to be won are:

• Web Browser
• Google Chrome on Windows 7: $100,000 plus the compromised laptop (estimated at $2,000) and 20,000 ZDI reward points (estimated at $10,000)
• Microsoft Internet Explorer, either:
• IE 10 on Windows 8: $100,000 plus the compromised laptop (estimated at $2,000) and 20,000 ZDI reward points (estimated at $10,000), or
• IE 9 on Windows 7:  $75,000 plus the compromised laptop (estimated at $2,000) and 20,000 ZDI reward points (estimated at $10,000)
• Mozilla Firefox on Windows 7:  $60,000 plus the compromised laptop (estimated at $2,000) and 20,000 ZDI reward points (estimated at $10,000)
• Apple Safari on OS X Mountain Lion:  $65,000 plus the compromised laptop (estimated at $2,000) and 20,000 ZDI reward points (estimated at $10,000)
• Web Browser Plug-ins using Internet Explorer 9 on Windows 7
• Adobe Reader XI ($70,000) plus the compromised laptop (estimated at $2,000) and 20,000 ZDI reward points (estimated at $10,000)
• Adobe Flash ($70,000) plus the compromised laptop (estimated at $2,000) and 20,000 ZDI reward points (estimated at $10,000)
• Oracle Java ($20,000) plus the compromised laptop (estimated at $2,000) and 20,000 ZDI reward points (estimated at $10,000)

On the other hand, Google is arranging its own competition with the name of Pwnium 3. Pwnium 3 focuses on finding vulnerabilities in Chrome OS and is offering a more-than-generous $3.14159 million is reward. This particular competition will be based on Samsung S5 550 Chromebook running the latest version of Chrome OS. You will need to successfully exploit the browser or system of the device logged in as a guest or a user or "compromise with device persistence - guest to guest with interim reboot, delivered via a webpage."

Our readers should take in notice to upgrade and update their systems with the latest versions of softwares to stay safe from cybercrimes and attacks.

Ethical hacking has been on the rise since bounty hunters tend to look for every possible way to attack a system to earn their much deserved prize money. Therefore, many International companies are encouraging hackers to join them in their pursuit for safe and secure softwares, programs, systems and the like.

Our own bounty hunter and ethical hacker Rafay Baloch has done so many a times and has been awarded with prize money from PayPal, job offers from big-shot companies and cell phones from Nokia. A proud people we are!

Rafay Baloch and his team members (including I) have made it our mission to spread awareness regarding Ethical Hacking and its advantages. Believe us people, its always better to do the right thing and get paid, then do the wrong one and get caught.

Let the hunting begin!

Cheers!

About the Author:
This article has been written by Dr. Sindhia Javed Junejo. She is one of the core members of RHA team.