Security researchers who find vulnerabilities in Tinder and other apps can claim a $1,000 bounty.
(CCM) — Google is offering rewards of $1,000 to hackers who spot security vulnerabilities in apps in the Google Play store and report them to the apps' developers.
The Google Play Security Reward Program, run by bug bounty platform HackerOne, offers rewards for bugs found in all Google-developed Android apps in the Play store, as well as third-party apps including Alibaba, Dropbox, Snapchat, Tinder, and four others. Google plans to expand the program to include more third-party app developers in the near future.
To qualify for the reward, the vulnerability found has to be a serious one which could be used by a malicious hacker to gain control of the user's device and run malicious software on it without the user's knowledge. This would allow a hacker to cause a banking app to make money transfers without the user's consent, or open a web page that could result in a phishing attack. Google will only pay a reward once the vulnerability has been fixed.
Bug bounty programs have become a popular way for companies to encourage security researchers to scrutinize software code for vulnerabilities and report any that they find. This enables them to be fixed before criminals find the same vulnerabilities and exploit them for malicious purposes.
Image: ©Bloomua - Shutterstock.com