A teenage hacker has received a cool $60,000 from Google after discovering the first Chrome vulnerability at the Hack in the Box conference on Wednesday.
The hacker, who goes by the name of “Pinkie Pie,” uncovered and successfully launched the exploit just prior to the deadline for completion, according to an InfoWorld report from the event. Google confirmed to TechCrunch that it had verified Pinkie Pie’s achievement and that the money would soon be in the hands of the digital whiz.
Confirmation was also posted on the Google Chrome blog where it was revealed the hack used the following exploit:
“[$60,000][154983][154987] Critical CVE-2011-2358: SVG use-after-free and IPC arbitrary file write. Credit to Pinkie Pie.”
Pinkie Pie is making a respectable living from his hacking hi-jinks. In March, the young hacker earned another $60,000 in Google’s first “Pwnium competition” when he strung together six vulnerabilities to break out of Chrome’s sandbox.
Such prizes are not uncommon: Google has pledged $2 million in prize money for individuals who can identify security vulnerabilities in its Chrome web browser. $60,000 is the top prize and is awarded to anybody who can find “full Chrome exploits.”
Those who locate “partial exploits” score themselves a check for $50,000, while $40,000 is handed over for non-Chrome exploits including flaws found in Windows, Flash, or any other driver that is not required to use Chrome but could worsen the Chrome user experience.
Google confirmed in February that the lesser prizes would be awarded because such finds helped the company in its mission to “make the entire web safer.”
