How Can You Make Money by Killing Bugs for Google
MobileAppDaily

How Can You Make Money by Killing Bugs for Google

Google will cash out between $1,000 to $100,000 to anyone who can spot flaws in any app on Google Play Store

google published date 20th October, 2017 Joshua Anderson

Google Bug Bounty Program

Google, announced on Thursday, that it will offer a minimum of $1,000 to people who spot flaws in ANY Android app. In order to clean up its Google Play Store, the tech giant has launched a cleansing program called 'bug bounty program.' Google has long been struggling to block malware and problems with apps. It's ready to tackle the issue as it partners with HackerOne, a bug bounty program management site to revive the health of its online eco-system.

Related :  Google is Going to Add Panic Button for The Users to ditch Vulnerable Apps

Ever since the genesis of Google’s bug bounty program, launched in 2010, Google has doled out a total of $9 million on malware research- one-third of which ($3 million) has been paid over the course of its 2016 Vulnerability Rewards Program. Last March, Google went on to double the bounty for a Chromebook hack from $50,000 to $100,000 but pulled off after no one managed to do the task.In the latest round of bug bounties, Google doled out 1,000 individual rewards to 350 participants, with the largest single reward crediting $100,000. As a part of its Google Play Security Reward Program, the tech giant also sponsors research into software created by other companies. Bug bounties by Microsoft Corp, Apple and Alphabet have been awarded only for tracing flaws in their own software.

Related :  Google Arts & Culture App Is Users' Goldmine But Has A Data Problem

As for the dollars doled out in the preceding year, Google awarded $3,134 to researcher Tomasz Bojarski, for an XSS vulnerability identified on its events site (events.google.com). A “bug chain bonus” of $5,000 and another $7,500 for a JavaScript exploit targeting the Google account recovery page and a Chrome OS vulnerability involving a one byte DNS library overflow, detailed at the Project Zero blog.

In a report on the annual bug bounty rewards, Google noted that participation from Indian researchers is on the upswing. One of the VRP participant that the team met at Nullcon in India actually funds his own startup with the reward money. Why is Google spending all this money? What’s the aim of launching its own Vulnerability Reward Program? All answers are revealed in Google’s Security Blog:

Related :  Google Announced Now Developers have Access to The Instant Apps

“On the product side, we saw amazing contributions from Android researchers all over the world, less than a year after Android launched its VRP. We also expanded our overall VRP to include more products, including OnHub and Nest devices.

We increased our presence at events around the world, like pwn2own and Pwnfest. The vulnerabilities responsibly disclosed at these events enabled us to quickly provide fixes to the ecosystem and keep customers safe. At both events, we were able to close down a vulnerability in Chrome within days of being notified of the issue.”

Are you ready to make the most out of this opportunity? Google is calling you for help and the rewards are in a bounty.

For the Latest Mobile App Technology News and Reviews, follow MobileAppDaily on Twitter, Facebook, Linkedin, Instagram and Flipboard

Joshua Anderson

Joshua Anderson

Joshua is a writer at MobileAppDaily and also works as a reporter for the team to keep our readers up to date. He is breaking the mobile app technology news for MobileAppDialy since 2016 and has more than 4 years of experience as a tech blogger.

Was this article helpful?