Google paid out $2.8 million in bug bounties in 2015

By

First year Android added to vulnerability reward program.

Google’s vulnerability reward program paid out US$2 million (A$2.8 million) worth of bug bounties in 2015, bringing the total value of the scheme to more than US$6 million since it started in 2010.

Google paid out $2.8 million in bug bounties in 2015

In the first year the web giant brought its Android operating system into the program, it has seen a rapid jump in rewards paid out, from US$1.5 million in 2014.

It handed rewards to security researchers as far flung as Poland, Romania, Israel, Brazil and China throughout the year.

“Rewarding security researchers for their hard work benefits everyone,” wrote Google’s Eduardo Vela Nava in a blog.

In 2015, for example, Russian researcher Kamil Histamullin uncovered a flaw in the YouTube creator studio that would allow anyone to delete someone else’s videos simply by changing a parameter in the URL.

Histamullin, who was already working under a vulnerability rewards program grant, received US$5000 for his discovery.

The past 12 months marked the first year the Android mobile operating system was added to the vulnerability reward program, having a “significant and immediate impact” on the scheme straight away, said Vela Nava.

In the half year that bug bounties were offered for Android flaws, Google paid out US$200,000 to researchers, including one single payment of US$37,000.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

CBA using facial recognition logins to verify disputed payments

CBA using facial recognition logins to verify disputed payments

Qantas contacted by "potential cyber criminal"

Qantas contacted by "potential cyber criminal"

SA Power Networks tackles IAM, cloud security under five-year strategy

SA Power Networks tackles IAM, cloud security under five-year strategy

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack

Log In

  |  Forgot your password?