Google this week launched a new bug bounty scheme called the Mobile Vulnerability Rewards Program(Mobile VRP) – aimed at finding bugs in it’s first-party Android apps.
Aside from it’s own, Google also lists apps from it’s partners and acquired companies too as eligible in the program. Depending on the nature of the vulnerability, Google pays the finders anywhere between $2,250 to $30,000.
Rewarding For Security Bugs
To “find and fix vulnerabilities in its mobile applications” faster and better, Google is seeking the help of external security researchers through a new bug bounty program, called the Mobile Vulnerability Rewards Program.
We are excited to announce the new Mobile VRP! We are looking for bughunters to help us find and fix vulnerabilities in our mobile applications. https://t.co/HDs1hnGpbH
— Google VRP (Google Bug Hunters) (@GoogleVRP) May 22, 2023
Launched this week, Google said all it’s first-party Android apps are eligible for this program and those developed with Google, Research at Google, Red Hot Labs, Google Samples, Fitbit LLC, Nest Labs Inc, Waymo LLC and Waze. Some of these have been categorised as Tier 1 bugs, making them important on the list. These include;
- Google Play Services
- AGSA
- Google Chrome
- Google Cloud
- Gmail
- Chrome Remote Desktop
Qualifying bugs include those that let hackers execute arbitrary code(RCE attacks), theft of sensitive data and any loopholes that could be chained with other flaws to lead to a similar impact. Hacks like path traversal, zip path traversal, orphaned permissions, malicious redirections for further exploitation etc.
Google notes the maximum reward under this would be $30,000 – given to bugs like remote code execution without user interaction and up to $7,500 for bugs allowing for remote data theft.
This is the second VRP program Google launched for the Android ecosystem, with the first one being in 2010. So far, Google has awarded more than $50 million to thousands of security researchers worldwide for reporting over 15,000 vulnerabilities.
Other Trending News:- News
