Google Chrome hacker awarded $60k for whitehat work

A Russian security researcher won $60,000 for discovering a vulnerability in Google's Chrome browser —and for demonstrating how to bypass the software's security sandbox.

 

Sergey Glazunov won the cash as part of the Pwnium competition run by Google at the CanSecWest conference in downtown Vancouver, computer security firm Sophos reported.

 

Glazunov found a remote code execution vulnerability in Chrome, that malicious hackers and cybercriminals could use to install and run code on victims' computers.

 

"Looks like it qualifies as a 'Full Chrome' exploit, qualifying for a $60k reward. We’re working fast on a fix that we’ll push via auto-update," Sundar Pichai, a senior vice president at Google, said on his Google+ account.

 

Despite the discovery of the vulnerability, Pichai said this was an "exciting" development.

 

"We launched Pwnium this year to encourage the security community to submit exploits for us to help make the web safer. We look forward to any additional submissions to make Chrome even stronger for our users," Pichai said.

 

Last month, Google announced it was offering a total of $1 million in rewards for those who uncovered security holes in Chrome.

 

Sophos said that at present, a hefty $940,000 remains in the Pwnium prize fund. — TJD, GMA News