10-year old girl uncovers smartphone vulnerability

A ten-year old hacker known as @CyFi has uncovered a zero-day exploit in iOS and Android games. The hack has been verified by independent researchers and has been classed as new vulnerability. The ten-year old girl who hales from California presented her findings at the DefCon 19 convention. She explained that she uncovered the hack in January this year as a workaround for farm-based games that took too long to progress.

In an interview with CNET, CyFi revealed her motivation:

"It was hard to make progress in the game, because it took so long for things to grow. So I thought, 'Why don't I just change the time?'"

The hack works on a number of games where it is possible to make faster progress by manually advancing the devices clock beyond real-time. Although some games are capable of blocking the hack, a number remain vulnerable to it.

Even those games that are geared to block such attacks were still vulnerable to work-arounds including disconnecting the device from Wi-Fi or by making subtle forward increments in the time.

Cy-Fi has chosen not to reveal which games are susceptible to the vulnerability as she hopes to give the vendors an opportunity to close off the exploit before it is detailed.

By Electronista Staff