bug hunters Archives

AppWizard

August 19, 2024

Google Play ends rewards for Android app bug hunters

Google is set to conclude the Google Play Security Reward Program (GPSRP) on August 31, due to a decline in actionable vulnerabilities being reported, which Google attributes to improvements in Android OS security. The GPSRP, launched in October 2017, incentivized researchers to identify vulnerabilities in popular Android applications on the Google Play Store, expanding over time to include all apps with at least 100 million installations. Through the program, developers earned money for finding security flaws, and it helped over 300,000 developers fix more than 1,000,000 applications, reducing the number of risky apps. The closure of the GPSRP raises concerns about the motivation for security experts to report vulnerabilities responsibly, particularly for apps from companies with weaker bug report management systems.

AppWizard

May 3, 2024

Bug hunters can get up to $450,000 for an RCE in Google’s Android apps – Help Net Security

Google has increased the rewards for bug hunters who discover vulnerabilities in Android applications, with the potential earnings for certain categories of bugs being multiplied by as much as tenfold. The reward for finding a flaw in a Tier 1 app capable of arbitrary code execution has increased to 0,000. Additionally, Google is encouraging bug hunters to submit detailed reports by promising to increase the final reward amount by 1.5 times.