Want to earn some cold hard cash from Google? Then be sure to participate in their Bug Bounty Program for Android. The Bug Bounty Program was announced at the Black Hat Mobile Security Summit in London, and Google is looking for some help from folks outside of the walls.
There are a few different categories that these rewards fall into, meaning that the Bug Bounty Program will only cover vulnerabilities found within Nexus devices that are available for sale through the Google Play Store and Nexus 9. There are also different reward categories to differentiate and determine how much money you can win.
$500 is the least amount that you can earn for reporting a moderately sever bug, and go up to $8,000 for those who find and report a serious vulnerability. There are also bonus rewards for bugs found that run the risk of affecting TrustZone or Verfied Boot, as well as anything that can cause issues from installed apps and such. For the TrustZone or Verified Boot bugs, folks can win up to $30,000 for depending upon the severity.
Google provides a table that breaks down how much someone can win when finding a bug. For example, a “moderate bug” can fetch $500 if just found, $750 if you can provide a test case, $1,000 if you can provide a CTS or a patch for the bug, and $2,000 if you can provide a CTS AND a patch for the bug.
Google is offering a boatload of money to those who are willing to help find vulnerabilities in their software for their Nexus devices. To date, since the inception of its Bug Bounty program in 2010, Google has paid out more than $4 million. If you’re looking to find out more information about Google’s Bug Bounty program, check out the link here, and see what you can do to help out Google and your fellow Nexus users.