iOS, Samsung apps popped at Pwn2Own

A local team from Mitsui Bussan Secure Directions collected $40,000 for installing malware and stealing personal data on the Android-powered Samsung Galaxy S4.

The group lured a user to a malicious website, gained system-level privileges and installed applications that allowed the team to gather information, including SMS messages, contacts and browsing history.

Chinese squad from Keen Cloud Tech took $27,500 for demonstrating two exploits against Safari on the iPhone 5. The group captured Facebook credentials on iOS 7.0.3 by stealing a Facebook cookie via social engineering, and also stole a photo on iOS 6.1.4.