Google to pay up reward of $1.5 million for hacking Pixel phones

By: |
New Delhi | Published: November 22, 2019 8:16 PM

Google introduced its bug bounty programme for Android back in 2015 wherein the winner was rewarded with prize money of $38,000

As the concerns over cybersecurity intensify, tech companies are looking for contributions from the hacker fraternity to mitigate potential loopholes in software for better user experience. Google has revised its bug bounty programme to offer as high as $1.5 million (roughly Rs 10.8 crore) as a reward to security researchers for discovering high-level vulnerabilities on the Pixel 4 smartphones.

In a blog post, Google said it will reward security researchers who can find full exploit chain in Pixel 4 devices with prize money of up to $1 million. The vulnerability that needs to be the top priority while looking for bugs, has to “demonstrate arbitrary code execution, data exfiltration, or a lock screen bypass.” These bugs necessarily have to be those in AOSP code, OEM code, kernel, Secure Element Code, and the TrustZone OS.

The prize money of $1 million will be rewarded when a security researcher manages to break into Titan M chip and explore vulnerabilities impacting the security. Titan M is a chipset that scans the device for potential malware or spyware threat on Pixel devices.

Blocking contacts on WhatsApp to become easier; here’s how

Google said it will provide a payout of $500,000 if the researcher discovers exploit chains on “specific developer preview versions of Android”. This brings the total reward money up to $1.5 million. There are different categories for reward amounts depending on the severity of the discovered vulnerability.

The blog post also mentions certain eligibility criteria for vulnerabilities to qualify under the Android Security Rewards Program Rules, Google’s bug bounty programme.

Google introduced its bug bounty programme for Android back in 2015 wherein the winner was rewarded with prize money of $38,000. Google said it had paid close to $4 million to hackers over time for reporting around 1,800 bugs in Android products.

“Through this program, we provide monetary rewards and public recognition for vulnerabilities disclosed to the Android Security Team,” said Google in the blog post announcing new prize money for bug bounty hunters.

Get live Stock Prices from BSE, NSE, US Market and latest NAV, portfolio of Mutual Funds, calculate your tax by Income Tax Calculator, know market’s Top Gainers, Top Losers & Best Equity Funds. Like us on Facebook and follow us on Twitter.

Financial Express is now on Telegram. Click here to join our channel and stay updated with the latest Biz news and updates.

Next Stories
1Chingari with 15 million downloads showing the way to other Made in India apps
2Cyber attacks are on the rise, but you can protect yourself from hackers. Here’s how
3Govt kicks off innovation challenge to boost made in India apps; cash rewards of up to Rs 20 lakh also up for grabs