A teenage hacker who goes by the name of “Pinkie Pie” will receive $60,000 in prize money from Google, by producing the first Chrome vulnerability at the Hack in the Box conference on Wednesday. The exploit was discovered and successfully launched just ahead of the deadline for completion, according to early reports from the event. Before awarding the cash prize, Google had to first verify and confirm the vulnerability – which it just now did, the company tells us via email. More details have also been posted to the Google Chrome blog.
According to the blog post, the hack involves the following exploit:
[$60,000] Critical CVE-2011-2358: SVG use-after-free and IPC arbitrary file write. Credit to Pinkie Pie.