Google offering US$1m in prizes for hackers who exploit Chrome


28 Feb 2012

Google is offering up to US$1m worth of prizes to people who can exploit its browser Chrome at this year’s CanSecWest security conference in Vancouver.

Google will give prizes of US$60,000, US$40,000 and US$20,000 depending on how participants manage to exploit Chrome on a Windows 7 PC whether only bugs in Chrome are used, a combination of Chrome bugs and other bugs are used or if only other bugs are used. Winners will also receive a Chromebook.

The US$1m prize fund will be on a “first-come-first-served” basis and Google will require each set of exploit bugs to be fully functional end-to-end, present in the latest versions of Chrome and genuinely unheard of before.

Google is setting the challenge in order to discover unknown vulnerabilities within its Chrome browser.

“We have a big learning opportunity when we receive full end-to-end exploits,” wrote the company in a blog post.

“Not only can we fix the bugs, but by studying the vulnerability and exploit techniques we can enhance our mitigations, automated testing and sandboxing. This enables us to better protect our users,” it wrote.

Chrome has seen a lot of success in previous browser hacking challenges. In the Pwn2Own competition, participants must attempt to hack each browser. Chrome has survived these hacks for three years in a row.