Google announced last week that it is offering $1 million in prize to those who find bugs and exploits in Chrome browser. Now the Pwn2Own contest has started at CanSecWest and Google chrome is the first browser to be hacked. Google Chrome was never hacked before at Pwn2Own, this is the first time it was pwned at CanSecWest.
Google conducted a mini contest separate from Pwn2Own at the CanSecWest dubbed as Pwnium. Sergey Glazunov, a Russian University Student and Security Researcher hacked in to a fully patched 64-bit Windows 7 machine with Chrome browser installed. He hacked the machine by bypassing the chrome sandbox technology using a remote code execution vulnerability/exploit in Google Chrome.
Glazunov got $60,000 as a cash prize for the exploit as part of the Google $1 million Pwnium contest. He targeted two distinct zero-day vulnerabilities in the Chrome extension sub system. According to Justin Schuh, a member of the chrome security team this exploit was specific to Chrome and bypassed the browser sandbox entirely, ZDNet reported.
In the Pwn2Own contest at the same CanSecWest conference run by HPâ€
Google Chrome finally been hacked at the Pwn2Own contest, now it canâ€
Via Zdnet