Google Pays $70000 Reward for Simple Android Lock Screen Bypass Bug - PCMag

Security researcher David Schutz(Opens successful a caller window) discovered an casual Android fastener surface bypass by mishap aft helium managed to fastener himself retired of a Pixel 6 smartphone.

The vulnerability was recovered aft Schutz had spent an full time traveling and his telephone artillery died. On plugging the charger in, the telephone asked for his SIM's PIN code, which helium didn't cognize and was truthful locked out. Three failed PIN codification attempts aboriginal and the telephone past asked for the SIM's PUK code, which is recovered connected the packaging the SIM arrives in.

Schutz recovered the PUK code, entered it into the phone, and was asked to acceptable a caller PIN. On doing so, helium noticed the fingerprint icon was displayed alternatively of the fastener icon. The telephone past accepted his fingerprint, but got stuck connected a "Pixel is starting..." message.

Further investigation(Opens successful a caller window) revealed helium could travel a series of steps, including hot-swapping the SIM tray, and bypass the lockscreen completely. The process for achieving that is shown successful the video above, and it works for each Google Pixel phones.

Thankfully, the bypass has present been fixed arsenic portion of the Nov. 5, 2022 information update. When Schutz primitively filed his bug study the Android reward amounts table(Opens successful a caller window) suggested helium could beryllium successful enactment for a $100,000 reward. However, the bug was subsequently marked arsenic a duplicate, meaning he'd get nothing. That wasn't the extremity of the story, though.

Schutz reported the bug successful June(Opens successful a caller window), a period aboriginal is was marked a duplicate, but erstwhile the September information spot was released the bypass could inactive beryllium used. Schutz was astatine Google's ESCAL8 lawsuit successful London astatine the clip truthful decided to show the bypass connected the Pixel phones astatine Google's office.

The Android Vulnerability Reward Program squad took notice, listened to the full communicative regarding the bug, and a hole was planned for November. Schutz ended up receiving a reward of $70,000 due to the fact that adjacent though his bug was a duplicate, "it was lone due to the fact that of my study that they started moving connected the fix" truthful the VRP squad made an objection to the rules and paid him a generous sum.