Apple employee finds bug on Chrome but misses out on $10,000 bug bounty

The Apple employee didn't report the bug right away, Google says

Google has rewarded the reporter of a small bug with a sizeable financial reward, despite this person not being the one who found the bug.

An Apple employee located the previously unknown bug during a Capture The Flag hacking competition in March. But as TechCrunch reports, they didn’t report the issue right away.

In a Discord channel, the person claiming to be the Apple employee said they worked on the bug for two weeks to find the root cause and create a detailed report for their higher-ups to sign off on. They reported the bug on June 5th.

“Yes it was late, there are multiple reasons for that,” the Apple employee wrote on Discord. “It’s commendable that Chrome decided to fix it asap, but I think there wasn’t any real urgency.”

The person who received the $10,000 USD (about $13,217 CAD) reward was also participating in the competition but didn’t locate the bug themselves. They also weren’t on the team that found the bug.

A report on the matter revealed this person reported the bug because they were unsure if the team who found it had done so. “So I wanted to be safe,” the person told Google.

The bug was zero-day, and Google wasn’t aware the bug existed at the time.

Image credit: Shutterstock 

Source: Google Via: TechCrunch