In a continuing effort to make Google Chrome more secure, Google enters the browser into hacking competitions. One of the hacking competitions stopped requiring participants to fully disclose how an exploit was performed, so Google decided to start hosting their own. Known as Pwnium competition, Google hands out awards from $20,000 to $60,000 depending on the exploit.
In this case, a hacker managed to win $60,000, the highest award amount, for exploiting a security hole in Chrome on Tuesday. "We're happy to confirm that we received a valid exploit from returning pwner Pinkie Pie," Google announced in a Chromium blog. "This pwn relies on a WebKit Scalable Vector Graphics (SVG) compromise to exploit the renderer process and a second bug in the IPC layer to escape the Chrome sandbox. Since this exploit depends entirely on bugs within Chrome to achieve code execution, it qualifies for our highest award level as a 'full Chrome exploit,' a $60,000 prize and free Chromebook."
Of course, Google's team immediately started patching the exploit as soon as it was discovered and had a patch pushed out in just 10 hours. The hacker who performed this exploit also picked up $60,000 in the first competition that was held earlier this year. If Pinkie Pie can keep this up, he could support himself nicely with this income.