No, actually ZDI was right, because VUPEN broke out of Chrome's sandbox in the Pwn2Own contest (not Google's contest) and refused to explain the vulnerability, because it's far more valuable to sell to their customers:
"A Google engineer offered Bekrar $60,000 on top of the $60,000 he stands to earn in the Pwn2Own contest if he handed over the sandbox exploit and details. But Bekrar declined and joked that he might consider the offer if Google bumped it up to $1 million. After the Google engineer left the conversation, Bekrar told Wired that money wasn’t the main enticement for him and he had no plans to hand over the exploit to Google.
"The Google security team member expressed frustration at Bekrar’s reluctance to provide information about the vulnerability so that it could be fixed."
http://www.wired.com/threatlevel/2012/03/pwnium-and-pwn2own/
"A Google engineer offered Bekrar $60,000 on top of the $60,000 he stands to earn in the Pwn2Own contest if he handed over the sandbox exploit and details. But Bekrar declined and joked that he might consider the offer if Google bumped it up to $1 million. After the Google engineer left the conversation, Bekrar told Wired that money wasn’t the main enticement for him and he had no plans to hand over the exploit to Google.
"The Google security team member expressed frustration at Bekrar’s reluctance to provide information about the vulnerability so that it could be fixed."