Google raises reward for reporting bugs to $5,000

Google's Chromium reward level increases follow on from similar increases under the Google Web programme.

Published Date
21 - Aug - 2013
| Last Updated
21 - Aug - 2013
 
Google raises reward for reporting bugs to $5,000

Google has upped the bounty for reporting bugs in its Chrome browser by 5-times, up to $5,000. Google also reveals it has so far shelled out $2,000,000 (USD) across Google’s security reward initiatives. Breaking down further, the amount includes more than $1,000,000 (USD) for the Chromium VRP / Pwnium rewards, and over $1,000,000 (USD) for the Google Web VRP rewards.

“Today, the Chromium program is raising reward levels significantly. In a nutshell, bugs previously rewarded at the $1,000 level will now be considered for reward at up to $5,000. In many cases, this will be a 5x increase in reward level!,” says Google in a blog post.

“We’ll issue higher rewards for bugs we believe present a more significant threat to user safety, and when the researcher provides an accurate analysis of exploitability and severity. We will continue to pay previously announced bonuses on top, such as those for providing a patch or finding an issue in a critical piece of open source software.”

Tech giants such as Microsoft, Google and Facebook as well as the ethical hackers have hugely benefited from the bounty programmes.

Facebook recently revealed it has paid out over $1 million to researchers who have spotted vulnerabilities in the social networking website. By country, the U.S. leads the list of most bounty recipients followed by India. The UK is at the third position while Turkey is fourth.

The social networking giant reveals it had given bounties to 329 people across 51 different countries. Facebook had hired two recipients full-time for discovering loopholes that could have allowed malicious hackers target the network and its users.