Google raises max Chrome bug bounty to $150,000

Google has increased the amount of money that it pays out to researchers who find and report on Chrome bugs as part of its ongoing Chrome Vulnerability Rewards Program.

Now, researchers can earn a baseline sum of $15,000 USD (roughly $19,500 CAD), up from $5,000 USD (about $6,500 CAD).

Overall, the maximum amount that a researcher can earn has been raised to $30,000 USD (about $39,100 CAD), up from $15,000 USD (roughly $19,500 CAD). Such a payout will be given for what Google deems a “high-quality report.” Google now has specific details for what constitutes a high-quality report on its website.

Meanwhile, more information on the overall Chrome Vulnerability Rewards Program can be found here.

Altogether, Google says it has received 8,500 bug reports and paid $5 million out to researchers since the program launched in 2010.

In related news, Google has also bumped up Google Play Security Reward Program payouts for remote code execution bugs from $5,000 ($6,500 CAD) to $20,000 (around $26,000 CAD).

Additionally, Google has doubled the rewards for its Chrome Fuzzer Program to $1,000 USD (about $1,300 CAD). In the Fuzzer Program, Google uses automated software to put massive amounts of researchers’ random data (or “fuzz”) into a test subject to get it to crash. Google can then analyze the findings accordingly.

Via: Android Police