DefCon Hacker CyFi Finds Security Issue in Mobile Games

It appears there a security issue with smartphone and tablet games has been brought to light during DefCon Kids held in Las Vegas, as a ten year old hacker known as CyFi delivered her finding on a mobile game bug during the hacker conference.

The BBC is reporting that the young hacker has found that altering the clock of smartphones and tablet in a game can apparently open a loophole that could be exploited, although apparently details of just what the bug opens haven’t been revealed but such bugs can enable an attacker to run code and gain access to data.

Apparently CyFi discovered the issue when becoming board with waiting for crops to become ready in mobile farming games and decided to see if she could speed up the process, so she began altering the clock in settings to see if she could advance the growing time.

Although numerous games can block clock based cheating, CyFi managed to find a way around the security and found that disconnecting her device from WiFi along with advancing the clock small amounts opened up the exploit, which apparently forces the mobile game “into a state not tested by its original creators.”

Apparently independent security researchers have verified the exploit discovered by CyFi, and said exploit apparently works on both Android and iOS devices, although just what mobile games are affected by the exploit haven’t been named as to give their creators the opportunity to resolve the issue.

Apparently it isn’t just farming games that can be duped, as other mobile games that also keep you waiting are open to the same exploit, and we have a demonstration video below of that timing exploit for your viewing consideration courtesy of YouTube user Aton1xiDevice, and shows just how easy it is to accomplish advancing the clock to progress a game.

If any of our gaming readers tries out this exploit to advance their gaming we’d like to know if it works well for you and what game you managed to get it to work on, so feel free to check out the video and share your findings to our comments area below.

Live Comment

Your email address will not be published.