Google Chrome Gets Hacked Again – This Time By A Teenager – Another $60k Reward!

Pwnium  is in progress and we have a second full Chrome pwn, interestingly by a Teenager who will get $60,000 from Google as announced.The hacker who identified himself only as PinkiePie said he spent the past week and half working on the attack. It combined three previously unknown vulnerabilities to gain full system access to a Dell Inspiron laptop that ran a fully patched version of Chrome on top of the most up-to-date version of Windows 7.

This is the second full attack of Google Chrome during the conference. The first hack was by Sergey Glazunov who also won $60,000 from Google. 5 Chrome vulnerabilities have been found as part of these two hacks and 2 of them have been patched.

chrome security  Google Chrome Gets Hacked Again   This Time By A Teenager    Another $60k Reward!

While “Pinkie Pie” was previously unknown to onlookers here, Googlers described him as a “known and respected security researcher.” He said he never considered selling the vulnerability to third-party brokers.  ”I’ve never sold a vulnerability before.”

Strangely, which sandbox escapes are rare, Pinkie Pie said the easiest part of his attack was jumping out of the Chrome sandbox after the initial exploit.

“I got lucky because I found a way [to jump out of the sandbox] very early.  I figured it out by looking at it carefully,” he added. He declined to discuss specifics of the vulnerabilities or the exploit techniques, deferring comments to Google representatives.

So, now we can wait for another patch from the Google team fixing this vulnerability.

chrome security  Google Chrome Gets Hacked Again   This Time By A Teenager    Another $60k Reward!

For many, this will be a reason to say, “See, Chrome is not as secure as you think” Yes, we have to agree, no software is perfect. But this move from the Chrome team of encouraging security researchers to find vulnerabilities of the browser and patch them before “bad guys” get their hands on them,  I must call it “Smart

[Source]

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s