CWmike writes "A security researcher lost a sure $15,000 at this week's Pwn2Own hacking contest because he had earlier reported the bug to Google, which has patched the vulnerability in its Android Market. 'I missed out money wise,' said Jon Oberheide, co-founder and CTO of Duo Security, a developer of two-factor authentication software. 'But it was good that Google is rewarding researchers. And now I have my first Android vulnerability that qualified for a bounty.' Google cut a check to Oberheide for $1,337."