Android vulnerability highest reward from $50,000 rose to $200,000 – Penetration Testing

Google has paid millions of dollars to security researchers since the launch of the so-called “Android Security Reward” program in 2010, according to Venturebeat. Today, the company announced to raise the amount of reward, because there have been two years no one can receive the highest reward. Google Android team announced today to raise the amount of two loopholes in the offer.

Find a remote vulnerability chain or crack TrustZone, Verified Boot remote loopholes, you can get $ 200,000 bonus, compared with the previous $50,000 four times. Found that the remote kernel vulnerability of people can get $ 150,000 prize money, after $30,000. Want to get these bonuses? As long as the crack to find Android vulnerabilities can be.

Since the launch of the Android Security Rewards program, Google has paid $1.5 million in prize money to security researchers. The company today announced data on the project, which received 450 qualifying reports from researchers last year. In 2016, the average reward for each researcher increased by 52.3% to $1.1 million.

It is foreseeable that Google’s reward is expected to continue to increase, especially if someone found the above two loopholes. Google apparently hopes that this will encourage security researchers to spend more time trying to crack their mobile operating system. In May, Google claimed that the number of Android devices activated by more than 2 billion, the company needs a variety of help to protect these users.

In addition to the existing internal security projects, the Vulnerability Reward Program is a very effective solution. They help not only encourage individuals or hackers to find loopholes, but also direct them to deal with loopholes, rather than malicious use of these loopholes or sell them for profit.

But the loopholes reward program is just a small piece of Google security puzzle. Google today also announced a small-scale upgrade of its latest security strategy in order to be able to cooperate with Android manufacturers more closely. Over the past 90 days, Google has deployed more than 100 device models to run security updates. In addition to looking for vulnerabilities in Android, Google is also trying to fix them, including monthly security updates.

The post Android vulnerability highest reward from $50,000 rose to $200,000 appeared first on Penetration Testing.


Deixe um comentário

Preencha os seus dados abaixo ou clique em um ícone para log in:

Logotipo do

Você está comentando utilizando sua conta Sair /  Alterar )

Foto do Google+

Você está comentando utilizando sua conta Google+. Sair /  Alterar )

Imagem do Twitter

Você está comentando utilizando sua conta Twitter. Sair /  Alterar )

Foto do Facebook

Você está comentando utilizando sua conta Facebook. Sair /  Alterar )


Conectando a %s