Google announced last week that its Vulnerability Rewards Program launched in the year 2010 has seen an eighth-year last year on a consecutive note and paid out $15 million in rewards. The rewards include a spend of $3.4 million to 1300 hackers from over 78 countries across the globe who revealed vulnerabilities in Android and Chrome systems.
The internet juggernaut also announced that the biggest reward it distributed last year was $41,000- however, it’s not clear whether the award was bagged by an individual or a company.
Cybersecurity Insiders has learned that a 19- year old individual named Uruguay’s Ezequiel Periera was the topper in the list as he disclosed to the world about a Remote Code Execution “RCE” bug that gave access to Google Cloud Platform Console.
The second in the list was Tomaz Bojarski from Poland who has uncovered a bug related to Cross-site scripting, that allows hackers to change the behavior or appearance of a website, siphon vital info and impersonate the admin actions to change the website configurations.
Note 1- Last week, Google introduced a new Chrome extension which suggests a change of a password if any of the online accounts have been compromised in a data breach or are no longer considered as safe.
Note 2- Any Google-owned service which handles sensitive data like YouTube and Google have been included in the Vulnerability Rewards Program. Also, the list of Nonqualifying vulnerabilities has also been updated with the latest.