Chrome hacker wins $60,000 for finding “full” exploit
The winner, Sergey Glazunov, was the first to submit an entry in Google’s Pwnium competition to find security exploits in Chrome.
Less than two weeks after Google launched Pwnium, a competition for hackers to find security exploits in Chrome, the search giant has announced its first winner.
Google’s Sundar Pichai announced on his Google+ page yesterday that Chromium contributor Sergey Glazunov submitted the first successful entry to the Pwnium contest, revealing a “Full Chrome Exploit” that bypassed the browser’s sandboxing security. The exploit makes it possible for a malicious hacker to do just about anything they want on an infected machine.
In an interview published yesterday by CNET sister site ZDNet, Justin Schuh of the Chrome security team said that Glazunov was able to execute “code with full permission of the logged on user.” Schuh called the feat “impressive,” and said that it deserved the $60,000 bounty. More