May 1, 2024 at 11:21AM
Google has raised the bug bounty rewards for its Mobile VRP, offering up to $450,000 for a single vulnerability report meeting certain criteria. Researchers can earn up to $150,000 for code execution flaws in Tier 2 apps and $45,000 for issues in Tier 3 apps. Reports without proposed patches may earn up to $300,000.
Summary of Google Mobile VRP announcement:
– Google has increased bug bounty rewards ten-fold for its Mobile VRP program launched last year.
– Close to $100,000 has been paid out in bug bounty rewards since the program began in May 2023.
– Researchers can now earn up to $450,000 for a single vulnerability report meeting specific criteria.
– Reports without a proposed patch and root cause analysis can still earn up to $300,000 in rewards, a ten-fold increase from last year.
– Top rewards are offered up to $150,000 for code execution flaws in Tier 2 apps and up to $45,000 for issues in Tier 3 apps within the scope of the program.