Google Says Paid Out $550,000 to Android Bug Researchers in 2016; Increases Payout

Share on Facebook Tweet Snapchat Share Reddit Comment
Google Says Paid Out $550,000 to Android Bug Researchers in 2016; Increases Payout
Highlights
  • Google received as many as 250 vulnerability reports last year
  • It has increased the payout going forward
  • 82 researchers were rewarded last year

Google added Android to its Vulnerability Rewards Program a year ago. The program essentially asks researchers and developers for submitting bugs in its products and services, and in return Google pays them in cash for relevant high quality reports. Google now says it paid as much as $550,000 (roughly Rs. 3.69 crores) to 82 researchers for submitting various Android security bugs, and is looking to raise the amount going forward.

Google has announced that it will be paying more to the researchers from June 1 for submitting vulnerabilities. The tech giant will pay 33 percent more for high-quality vulnerability reports with proof of concept, and give additional 50 percent more if it is submitted with a CTS Test or a patch. The Android Vulnerability Rewards Program is also called the Android Security Rewards programme.

Furthermore, reward for proximal kernel exploit has gone up from $20,000 (roughly Rs. 13,41,000) to $30,000 (roughly Rs. 20,12,000), and top rewards for exploiting TrustZone and Verified Boot will increase from $30,000  to $50,000 (roughly Rs. 33,54,000).

Google received as many as 250 vulnerability reports last year, out of which 25 percent were received in code that was developed and used outside of the Android Open Source Project. Furthermore, Product manager of Android Security, Quan To revealed in the blog post, "More than a third of them were reported in Media Server which has been hardened in Android N to make it more resistant to vulnerabilities."

The highest amount was received by Peter Pi, who submitted a total 26 bugs, and cashed in around $75,750. 15 other researchers got at least $10,000 for submitting varied vulnerabilities. Interestingly, the top prize for exploiting a TrustZone and Verified Boot compromise remains unclaimed.

Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and subscribe to our YouTube channel.

Tasneem Akolawala When not expelling tech wisdom, Tasneem feeds on good stories that strike on all those emotional chords. She loves road trips, a good laugh, and interesting people. She binges on movies, sitcoms, food, books, and DIY videos. More
Android App and Google Play Support Comes to the First Chrome OS Device
Apple Asks US Supreme Court to Rule Against Samsung Over Patents

Related Stories

 
 

Advertisement

 

Advertisement

© Copyright Red Pixels Ventures Limited 2020. All rights reserved.