Android Hackers: Google Offers $1,000 Bug Bounty for Apps
Google is offering security researchers a $1,000 bounty if they can successfully hack apps on its Play Store and help fix them.
Bug bounty programs are a popular way for companies to reward hackers who find vulnerabilities in their software and disclose them to developers so they can be fixed rather than exploited.
The focus on app security comes as Google launches its new Pixel 2 and Pixel 2 XL smartphones, which run on Android.
Google has been criticized for what has been seen as the poor security moderation of its Play Store.
Research by security company Check Point suggested that Google's automated system failed to detect 50 malware apps which were downloaded up to 4.2 million times before being removed.
Malware does not only affect the Play Store, but due to how open the Android operating system is compared to Apple's iOS - which is tightly controlled by its makers in Cupertino, California -- it has been detected more often by researchers.
According to Symantec, Apple's tight vetting of apps on its store, as well as Android's much larger market share, may be to blame.
Malware apps won't be uncovered by the Play Store bug bounty program however, which will focus on keeping the most popular apps which opt into it secure.
Based in Mountain View, California, Google has partnered with the popular bug bounty platform HackerOne to reward those who find, disclose, and help fix the most serious security flaws.
Only eight developers have opted into the program so far, including Tinder, Snapchat, and Dropbox.
Google also runs reward programs for hackers who find vulnerabilities in its Chrome web browser, which currently offers security researchers $100,000 as its top reward.
© 2018 Sky News under contract with NewsEdge/Acquire Media. All rights reserved.
Posted: 2017-10-28 @ 3:47pm PT
Good thing that they are finding all the loopholes in the software.