Google often tries to find loopholes in its products by inviting hackers to find them. In return, the company pays huge sums to those who are able to discover real and serious exploits in these products. Now, a hacker has been able to crack Google’s Chrome browser during the Pwnium hacking contest, winning a whopping $60,000 award.
Pwnium hacking contest was a formal event by Google where it wanted hackers to come up real exploits in its software. The highest prize was set aside for someone who could present a ‘full Chrome exploit.’
The company had dedicated total funds of $2 million for the prospective winners but only one hacker was able to hack into Chrome. The hacker’s nick is ‘Pinkie Pie’ and in the past, he has won a number of other hacking contests too.
According to Google, “[Pinkie Pie’s] pwn relies on a Webkit Scalable Vector Graphics (SVG) compromise to exploit the renderer process and a second bug in the IPC layer to escape the Chrome sandbox. Since this exploit depends entirely on bugs within Chrome to achieve code execution, it qualifies for our highest award level as a ‘full Chrome exploit,’ a $60,000 prize and free Chromebook.”
Google has already patched the security vulnerability discovered by Pinkie Pie and has rolled out a new update of the browser. Interestingly, ‘Pinkie Pie’ is not allowed by his employer to take part in hacking contests, so he conceals his real identity and goes only by his nick name.
Source: Chromium Blog
Courtesy: The Inquirer