Google has awarded a $60,000 (£37500) dollar prize to a teenage hacker, after he became the first person to discover a potential vulnerability in Google's internet browser Chrome.
The hacker, who goes by the name 'Pinkie Pie' was competing at Hack in the Box, an annual computer security conference being held this year in Kuala Lumpur. Google has discovered and verified the vulnerability for itself, and posted more information on the Google Chrome Blog.
According to the post, Pinkie Pie uncovered the following hole in Chrome's security:
" Critical CVE-2011-2358: SVG use-after-free and IPC arbitrary file write. Credit to Pinkie Pie."
Other hackers who discover exploits in Chrome can expect similar pay outs from Google. Hackers who find "full" exploits like the one revealed by Pinkie Pie will be awarded $60,000; hackers who find partial or non-Chrome exploits - such as problems with Flash that could disrupt Google users - will receive $50,000 and $40,000 dollars respectively. Google has set aside $2m to award to hackers.
Pinkie Pie has won money from Google before. During their own 'Pwnium' competition, he identified six bugs that could disable the security around Google Chrome and collected another $60,000.
In an interview with Ars Technica, just after Pwnium, Pinkie Pie discussed his tricks for discovering exploits:
"Finding vulnerabilities is very luck based, and a new exploit would likely use a totally different code path. But keep in mind that to be eligible for the $60,000, I had to use only bugs in Chrome itself, not the operating system, which is a fairly severe restriction compared to a real attack."
This year's Hack in the Box conference in Malaysia will continue until 11 October.