Security News > 2022 > April > Google gives 50% bonus to Android 13 Beta bug bounty hunters
Google has announced that all security researchers who report Android 13 Beta vulnerabilities through its Vulnerability Rewards Program will get a 50% bonus on top of the standard reward until May 26th, 2022.
Bug hunters can get a maximum payout of $1.5 million for a full remote code execution exploit chain on the Titan M used in Google Pixel Phones running an Android 13 Beta build.
"Between April 26th, 2022 and May 26th, 2022 all security vulnerabilities that reproduce exclusively on Android 13 Beta 1 are eligible for a bonus 50% reward payout on top of the standard reward payout," the company says on the Bug Hunters portal.
The list of qualifying flaws includes those found in Android Open Source Project and other OS code, as well as OEM libraries and drivers code, system on chip, MicroController Unit, and any other software used by Android devices if they impact the security of Google devices and platforms.
Security vulnerabilities discovered in the Android 13 Beta between 04/26/22 and 05/26/22 are eligible for a 50% bonus reward payout.
In all, Google had paid over $29 million in bounty rewards since January 2010, when it launched the Chromium vulnerability reward program.
News URL
Related news
- Google paid $10 million in bug bounty rewards last year (source)
- Free VPN apps on Google Play turned Android phones into proxies (source)
- Google Warns: Android Zero-Day Flaws in Pixel Phones Exploited by Forensic Companies (source)
- Google rolls out new Find My Device network to Android devices (source)
- How to optimize your bug bounty programs (source)
- Google rejected 2.28 million risky Android apps from Play store in 2023 (source)
- Google now pays up to $450,000 for RCE bugs in some Android apps (source)
- Adobe Adds Firefly and Content Credentials to Bug Bounty Program (source)
- Bug hunters can get up to $450,000 for an RCE in Google’s Android apps (source)