Bug Bounty program for Android Apps – Rewards up to $15,000

by Esmeralda McKenzie
Bug Bounty program for Android Apps – Rewards up to $15,000

Bug Bounty program for Android Apps – Rewards up to $15,000

Malicious program Bounty Android

Google is necessary for its rewards for Safety Researchers. A Uncomplicated XSS in any Google subdomain will reward you $1337. Google has its major tackle its Android operating machine and its applications.

Android modified into got by Google in 2005 for $50 Million. Android has been generating big earnings for Google from its Google Play companies and other Android companies.

In every single achieve the sphere Safety, researchers have reported plenty of serious bugs to diverse organizations, in conjunction with Google, Facebook, Apple, Microsoft, and plenty of others.; these reports have averted tens of thousands and thousands of dollars from a data breach for these organizations.

Google’s Malicious program Bounty Program for Android has been save with a maximum reward of $15,000. This might perchance occasionally perchance perchance entice heaps of security researchers to crack birth the Android salvage.

Qualifying Vulnerabilities

A checklist of vulnerabilities is being focussed by Google, which are

  • Arbitrary Code Execution (ACE)
  • Theft of Soundless Records
  • Direction Traversal
  • Intent redirections
  • Orphaned permissions
  • Unsafe usage of pending intents
  • Unauthorized win entry to to sensitive data which are insecurely saved
  • Manipulation of haunted compose to learn sensitive data
  • Full regulate over the application
  • Malicious overwriting of .so file
  • Call exec and walk arbitrary java native code and plenty of others.,

Vulnerabilities which are conception to be as unqualified are,

  • Hardcoded API keys
  • Variants of Strandhogg
  • Assaults with a rooted machine
  • Non-sensitive media win entry to in exterior storage

Application Tiers

In step with the Malicious program Bounty Program, applications are separated into tiers that can have diverse rewards in diverse tiers.

Tier 1

Name Package deal name
Google Play Companies com.google.android.gms
AGSA com.google.android.googlequicksearchbox
Google Chrome com.android.chrome
Google Cloud com.google.android.apps.cloudconsole
Gmail com.google.android.gm
Chrome Distant Desktop com.google.chromeremotedesktop

Rewards for these Tier 1 application vulnerabilities birth from $750 and walk as much as a maximum of $30,000.

Tier 2

Tier 2 belongs to applications that take care of person data, other folks that have interaction with the Tier 1 applications in some manner, or other folks that connect with Google companies.

Rewards for these Tier 2 application vulnerabilities birth from $625 and walk as much as a maximum of $25,000.

Tier 3

Tier 3 applications belong to other folks that enact now no longer take care of person data or have interaction with Google’s companies.

Rewards for these Tier 3 application vulnerabilities birth from $500 and walk as much as a maximum of $20,000.

For additional data about the Google Malicious program Bounty Program, Focus on with Google’s Malicious program Hunter site.

Source credit : cybersecuritynews.com

Related Posts