Google erhöht Bug-Bounty-Belohnungen um das Fünffache, bis zu $151K

Google has announced a fivefold increase in payouts for bugs found in its systems and applications reported through its Vulnerability Reward Program, with a new maximum bounty of $151,515 for a single security flaw.

“As our systems have become more secure over time, we know it is taking much longer to find bugs – with that in mind, we are very excited to announce that we are updating our reward amounts by up to 5x,” Google said.

The new highest reward combines “$101,010 for an RCE in our most sensitive products, with a 1.5x modifier applied for exceptional report quality = $151,515).”

Only vulnerability reports submitted starting today, July 11th, at 00:00 UTC, will be eligible to be paid using the new rewards table.

In addition to offering higher payouts, the company recently expanded payment options, including the possibility of receiving payments through Bugcrowd.

The updated Reward Amounts section of the Google VRP rules provides more information on Google’s changes to the reward amounts and new payout structure.

Example Vulnerability	New Reward	Old Reward
Logic flaw leading to account @gmail.com takeover	($50,000 * 1.5) = $75,000	$13,337
XSS on idx.google.com	($10,000 * 1.5) = $15,000	$3,133.7
Logic flaw disclosing PII on home.nest.com	($2,500 * 1.5) = $3,750	$500

Recent Google VRP developments

Last week, Google launched kvmCTF, a new VRP announced in October 2023 to improve the security of the Kernel-based Virtual Machine (KVM) hypervisor. kvmCTF focuses on VM-reachable bugs in the KVM hypervisor and offers a $250,000 bounty for full VM escape exploits.

One year ago, the company also tripled rewards for Chrome sandbox escape chain exploits until December 1st, 2023.

Since its Vulnerability Reward Program (VRP) was launched in 2010, Google has paid more than $50 million in bounties to security researchers who reported more than 15,000 vulnerabilities.

Last year alone, Google paid $10 million, with the highest reward being paid to a bounty hunter who collected $113,337.

The highest-ever VRP bounty was $605,000, paid to gzobqq in 2022 for a series of five security bugs in an Android exploit chain. The same security researcher reported another critical Android exploit chain in 2021, earning a $157,000 payout.

Kommentar verfassen Kommentieren abbrechen

London, GB

7:36 pm, Jan. 19, 2025

3°C

L: 2° | H: 4°

Fühlt sich an wie 1°C° overcast clouds

Luftfeuchtigkeit: 84 %

Druck: 1020 mb

Wind: 5 mph SE

Windböe: 0 mph

UV-Index: 0

Niederschlag: 0 mm

Wolken: 100%

Regen Chance: 0%

Sichtbarkeit: 10 km

Sonnenaufgang: 7:55 am

Sonnenuntergang: 4:26 pm

TäglichStündlich

Tägliche VorhersageStündliche Vorhersage

Today 9:00 pm

2° | 4°°C 0 mm 0% 2 mph 84 % 1020 mb 0 mm/h

Tomorrow 9:00 pm

3° | 7°°C 0 mm 0% 6 mph 88 % 1020 mb 0 mm/h

Di. Jan. 21 9:00 pm

2° | 7°°C 0 mm 0% 4 mph 95 % 1017 mb 0 mm/h

Mi. Jan. 22 9:00 pm

4° | 6°°C 1 mm 100% 6 mph 99 % 1009 mb 0 mm/h

Do. Jan. 23 9:00 pm

4° | 8°°C 1 mm 100% 14 mph 89 % 1006 mb 0 mm/h

Today 9:00 pm

3° | 4°°C 0 mm 0% 2 mph 84 % 1020 mb 0 mm/h

Tomorrow 12:00 am

3° | 3°°C 0 mm 0% 2 mph 79 % 1020 mb 0 mm/h

Tomorrow 3:00 am

3° | 3°°C 0 mm 0% 2 mph 74 % 1019 mb 0 mm/h

Tomorrow 6:00 am

4° | 4°°C 0 mm 0% 1 mph 71 % 1019 mb 0 mm/h

Tomorrow 9:00 am

4° | 4°°C 0 mm 0% 3 mph 72 % 1019 mb 0 mm/h

Tomorrow 12:00 pm

6° | 6°°C 0 mm 0% 5 mph 70 % 1019 mb 0 mm/h

Tomorrow 3:00 pm

7° | 7°°C 0 mm 0% 6 mph 76 % 1017 mb 0 mm/h

Tomorrow 6:00 pm

5° | 5°°C 0 mm 0% 4 mph 82 % 1018 mb 0 mm/h

Name	Preis	24H (%)
Bitcoin(BTC)	€102,351.53	0.97%
Ethereum(ETH)	€3,331.97	4.18%
XRP(XRP)	€3.10	-0.49%
Fesseln(USDT)	€0.97	-0.02%
Solana(SOL)	€264.40	5.35%
Dogecoin(DOGE)	€0.387216	0.73%
USDC(USDC)	€0.97	0.00%
Shiba Inu(SHIB)	€0.000021	-3.74%
Pepe(PEPE)	€0.000018	-3.01%
Peanut das Eichhörnchen(PNUT)	€0.491434	-1.90%

Google erhöht Bug-Bounty-Belohnungen um das Fünffache, bis zu $151K

Teilen:

Recent Google VRP developments

Kommentar verfassen Kommentieren abbrechen

Verbindung zum Dienstprogramm

Nützlicher Link

Newsletter

Folgen Sie uns