kentoh - Fotolia

Google Play bug bounty hunts RCE vulnerabilities

A Google Play bug bounty program, run by Google and HackerOne, asks testers to hunt for remote code execution vulnerabilities in some of the top Android apps.

Google and HackerOne have partnered to start a new Google Play bug bounty program that incentivizes testers to find critical vulnerabilities in popular Android apps.

The Google Play Security Reward Program is designed to be complementary to Android bug bounty programs run by developers themselves. The Google Play bug bounty is $1,000 for any qualifying vulnerability, paid as a bonus to any other bounties offered.

To be eligible for the Google Play bug bounty, researchers will need to first submit the vulnerability to the original developer of an app. After the vulnerability has been patched, the researcher can request the reward from the Google Play bug bounty program, which is officially named the Google Play Security Reward Program.

At the start of the program, Google will only pay the bonus for remote code execution (RCE) vulnerabilities and proof-of-concept exploits running on Android version 4.4 KitKat and newer. And, the Google Play bug bounty will only be paid for flaws found in apps from just nine developers, including Dropbox, Line, Snapchat and Google, but more developers are expected to be added over time.

Qualifying RCE flaws must be exploitable through a singular app and cannot depend on vulnerabilities in other apps, and will have had to be patched in the 90 days prior to applying for the Google Play Security Reward Program's reward.

"As the Android ecosystem evolves, we continue to invest in leading-edge ideas to strengthen security," said Vineet Buch, director of product management for Google Play, in the HackerOne announcement. "Our goal is to continue to make Android a safe computing platform by encouraging our app developers and hackers to work together to resolve unknown vulnerabilities; we are one step closer to that goal."

Next Steps

Learn more about bug bounties from Bugcrowd CEO Casey Ellis

Find out how private bug bounty programs compare to public programs.

Get info on how Apple's bug bounty compares to others.

Dig Deeper on Application and platform security

Enterprise Desktop
Cloud Computing