Last year at the hackin competition, Pwn2Own, noone could bring Chrome to it’s knees, but this year Chrome was hacked in 5 minutes!
It was programmers from the French firm, Vupen, who managed to hack the widely used browser by using a few zero-day-exploits. Last year, when nobody managed to hack Chrome, Google announced serveral times a bounty on over 60.000$ to the one(s), who could hack Chrome.
In an interview to ZDnet, Vupen said:
“We wanted to show that Chrome was not unbreakable. Last year, we saw a lot of headlines that no one could hack Chrome. We wanted to make sure it was the first to fall this year,” he said”
Even though Chrome was finnaly hacked, Vupen still believes that Google Chrome is the most secure browser out there.
“The Chrome sandbox is the most secure sandbox out there. It’s not an easy task to create a full exploit to bypass all the protections in the sandbox. I can say that Chrome is one of the most secure browsers available.”
Vupen also tells in the interview that their team of programmers, who hacked Chrome, used 6 weeks of preparation to find exploits and passages through Chromes security.
“This just shows that any browser, or any software, can be hacked if there is enough motivation and skill,”