The Inquirer-Home

Google rewards a hacker with $60,000 for breaking Chrome

Only successful participant in the firm's Pwnium hacking contest
Fri Oct 12 2012, 10:52
google-chrome-logo

SOFTWARE HOUSE Google has awarded $60,000 to a security researcher who cracked its Chrome web browser during the firm's Pwnium hacking contest.

Google confirmed that the winner of the contest - which was the second of its kind, part of the Hack In The Box conference in Kuala Lumpur, Malaysia - was a pwner named "Pinkie Pie", who was the only participant with a successful entry.

"[Pinkie Pie's] pwn relies on a Webkit Scalable Vector Graphics (SVG) compromise to exploit the renderer process and a second bug in the IPC layer to escape the Chrome sandbox," Google said in a blog post.

"Since this exploit depends entirely on bugs within Chrome to achieve code execution, it qualifies for our highest award level as a 'full Chrome exploit,' a $60,000 prize and free Chromebook."

Google said that the exploit found by Pinkie Pie has already been patched and that an updated version of Chrome was rolled out to customers within 10 hours of the flaw being found.

Google originally set aside $2 million to pay out to hackers taking part in the contest, but only Pinkie Pie, who won last year, could break the web browser. However, it is thought that some bug bounty hunters ignored the contest because they might be better rewarded by selling their findings on the open market.

Google does seem to be doing something to tackle this problem, though. Earlier this year, the firm announced that it was upping the amount it would pay for a single hack from $3,133 to $20,000. µ

 

Share this:

blog comments powered by Disqus
Advertisement
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

Advertisement
INQ Poll

Apple announces the iPhone 6, iPhone 6 Plus and Apple Watch

Which of Apple's new products will you be buying?