A 16-year-old kid who once applied to work at Googlebut received no response was able to hack Google Chrome just hours before Google ended its $1 million hack challenge during the CanSecWest conference in Canada.
Asking to go by his handle “Pinkie Pie” the teen was able to implement three zero-day vulnerabilities, including one which allow him to escape the browser’s security sandbox and in turn gain control of the targeted systems operating system and applications.
According to the young hacker he spent just a week and a half finding the vulnerabilities and then to develop the exploit. In the last hour of the contest he was able to achieve stability and claim a $60,000 prize.
Instead of openings the calculator application on the targeted machine as other hackers had done during the content his hack ended with an image of an aze-wielding Pinkie Pie pony, a character from the My Little Pony animated series.
Speaking about his ability to get out of the Google Sandbox the hacker revealed that it was actually easier than the other exploits, noting:
“I got lucky because I found a way to do that relatively early.”
The sandbox is suppose to keep your computer safe by making it impossible for malware to escape your web browser and affect other parts of the computer’s operating system and other applications.
Google in the meantime is not commenting on the exploits which they will now work to quickly fix.
In the meantime the resume that the young man sent to Google is now “being looked over” according to a Google representative who was present during the event.