The least thing we all want is that someone unlock your phone in just a few minutes and could fully use it as his own. This is the result one hacker managed to achieve accidentally discovering a security bug on his Google Pixel phone. Google paid hacker a relatively solid sum of $ 70,000 for reporting this security bug.
There are malicious hackers and ethical hackers. As some of you might already know, ethical hackers works on hacking things that could be accomplished by malicious hackers. In some cases they crack software specifically to identify the weakness and make it safer. Ethical hacker David Schutz accidentally discovered a security bug on his Google Pixel phone.
This happened after discharging his Pixel 6 when he was asked to input SIM card PIN to unlock the device. After three times incorrectly entering PIN, SIM card was locked and phone required to input PUK code. After entering the PUK code, Pixel phone required to set up a new PIN code. When all this was done, David has finally saw the lock screen, but he noticed something was wrong.
This event encouraged Schutz to continue and investigate what’s wrong. Being able to repeat this scenario several times, David realised that he discovered a procedure which would allow someone to easily bypass the lock screen of any Pixel smartphone. All it took was physical access to the phone, the locked SIM card and the needle for displace the SIM card from the phone.
Below you can see a video where Schutz shows how a security gap on Google Pixel phones has been discovered.
After this discovery, he contacted Google and reported this security issue explaining how this vulnerability effects every Pixel smartphone. After this, hacker received $ 70,000 for his report which forced Google to quickly fix this security bug. This vulnerability (CV-2022-20465), which is said to have an impact on all Pixel phones, was fixed with the latest OS security update released on 5 November this year.
Leave a Reply