Be a Hunter and produce Millions in Google's Bug Bounty Rewards

  • Twitter
  • Facebook
  • Google+
  • Pinterest

The privacy law helps victims of sexual abuse and human trafficking employing many cases can be used by criminals and politicians to acquire a clean record

The bug bounty sector is going stronger than in the past. In the companies themselves to bug aggregators like Zerodium, hackers are being paid in millions for getting vulnerabilities. It would appear that for one bug alone, Google paid over $112,000 to the security researcher. This company released its “Vulnerability Reward Program: 2017 Year in Review” report yesterday, emphasizing all the achievements by security researchers.

The tech giant?awarded bug hunters above 2million dollars for vulnerabilities they found and reported in Google products, in addition to a similar amount for Android as well. In whole, for Android, Chrome and also other Google products, the firm spent nearly 3 million dollars in paying researchers for his or her bug reports.

RelatedGoogle Confirms That Pixel 2 XL’s Proximity Sensor Difficulty Fixed; Will Roll Update Out For Users In Coming Months

The company highlighted one or two researchers to use report who received a whopping bug bounty for their reported bugs. “In August, researcher Guang Gong outlined an exploit chain on Pixel phones which combined a remote code execution bug in the sandboxed Chrome render process that has a subsequent sandbox escape through Android\’s libgralloc,” Google wrote (emphasis is ours).

“During their Android Security Rewards Program he received the most significant reward of year: $112,500. The Pixel was the only real device that wasn\’t exploited during last year\’s annual Mobile pwn2own competition, and Guang\’s report helped strengthen its protections a little bit more.”

While the biggest award went along to?Gong, another security researcher named?gzobqq?received $100,000 for reporting security vulnerabilities within the guest mode of Chrome OS.

Google has announced increasing rewards only a few categories. The corporation said rewards for?remote code executions moves up from $1,000 to $5,000; for any remote exploit chain (or exploit producing TrustZone or Verified Boot compromise) from $50,000 to $200,000, and then for a secluded kernel exploit the rewards will now elevate from $30,000 to $150,000.

RelatedChrome 65 Rolling Out – Security Fixes, Material Design Updates, Tab-Under Blocking, and New APIs

“We\’re also introducing a whole new category including vulnerabilities that will increase the risk for theft of users\’ data, information being transferred unencrypted, or bugs that cause the means to access protected app components,” Google further added. “We\’ll award $1,000 for these bugs.”

Leave a Reply

Your email address will not be published.
Required fields are marked *