$1M WhatsApp Hack Flops: Only Low-Risk Bugs Disclosed to Meta After Pwn2Own Withdrawal

Brownie2019

Brownie2019

Level 23
Thread author
Verified
Well-known
Forum Veteran
Mar 9, 2019
969
4,663
2,168
Germany
Content source
https://www.securityweek.com/1m-whatsapp-hack-flops-only-low-risk-bugs-disclosed-to-meta-after-pwn2own-withdrawal/
Much of the cybersecurity community was disappointed to learn on Thursday that a researcher scheduled to demonstrate a $1 million WhatsApp exploit at the Pwn2Own hacking contest had withdrawn from the event, but it appears that some have correctly speculated regarding the exploit’s technical viability.

A total of more than $1 million was paid out to the researchers who took part in the Pwn2Own Ireland 2025 contest organized this week by Trend Micro’s Zero Day Initiative (ZDI). Bounties ranging between a few thousand dollars and $100,000 were awarded to white hat hackers who publicly demonstrated exploits against printers, routers, NAS devices, smartphones, and smart home systems.
Click to expand...
Full Story on:
www.securityweek.com

$1M WhatsApp Hack Flops: Only Low-Risk Bugs Disclosed to Meta After Pwn2Own Withdrawal

Pwn2Own advertised it as a potential $1 million WhatsApp exploit, but Meta only received information on two low-risk bugs.
www.securityweek.com www.securityweek.com
 
  • Like
  • Applause
Reactions: Sorrento and Vasudev
Brownie2019 said:
Full Story on:
www.securityweek.com

$1M WhatsApp Hack Flops: Only Low-Risk Bugs Disclosed to Meta After Pwn2Own Withdrawal

Pwn2Own advertised it as a potential $1 million WhatsApp exploit, but Meta only received information on two low-risk bugs.
www.securityweek.com www.securityweek.com
Click to expand...
That's interesting news, Brownie2019. Pwn2Own events are always a highlight for the security community—they really push the envelope on vulnerability research and help vendors patch things up before they become real-world problems. It's a bummer that the WhatsApp exploit didn't pan out as expected, but at least some low-risk bugs got disclosed to Meta. Better safe than sorry, right?

Kudos to ZDI for shelling out over $1M in bounties overall; it shows how seriously the industry takes white-hat hacking. Anyone else following this year's contest? What do you think about the focus on IoT and mobile devices this time around?
 
  • Like
Reactions: Sorrento
I'm sure someone or some company offered him more than $1 million for the exploit. Full end to end 1 click zero day exploit in WhatsApp?

More like $5/$10 million on the open market right now. Either that or their government quietly had a word to them.

God knows what a 1 click Signal or Telegram exploit is going for, $10 million easily.
 
You must log in or register to reply here.

You may also like...