Publications
Partners
Cape Town – Internet giant Google has paid out more than $500 000 to improve security in the Android mobile operating system (OS).
The search giant announced that it had paid out $550 000 to 82 people in its Android Security Rewards programme.
“While the programme is focused on Nexus devices and has a primary goal of improving Android security, more than a quarter of the issues were reported in code that is developed and used outside of the Android Open Source Project,” said Quan To, Google programme manager for Android Security on the Google blog.
The Android programme is an expansion of the Google Vulnerability Rewards Programme which pays out up to $38 000 for reports that help close security holes in the mobile OS.
Google said that its top reward payment went to top researcher @heisecode who was paid $75 750 for 26 vulnerability reports.
Increased pay-outs
READ: Dangerous banking malware targets Android
The company also announced that it will increase pay-outs for vulnerability reports.
“We will now pay 33% more for a high-quality vulnerability report with proof of concept. For example, the reward for a Critical vulnerability report with a proof of concept increased from $3 000 to $4 000,” said To.
Security firm Kaspersky Lab recently reported that Acecard banking malware was able to bypass Google’s Play Store security controls and trick users into downloading it.
“The combination of Acecard’s capabilities and methods of propagation make this mobile banker one of the most dangerous threats to users today,” warned Roman Unuchek senior malware analyst at Kaspersky Lab US.
The company said that the code of the malware is similar enough to malware like TOR Trojan for Android Backdoor.AndroidOS.Torec.a and ransomware Trojan-Ransom.AndroidOS.Pletor.a that it indicates similar authorship as criminals develop increasingly sophisticated means of attacking Android smartphones.
StatCounter data puts the Android mobile phone OS at 68.8% market share, followed by Apple’s iOS at 18.6%. In, Android commands 68.7% followed by BlackBerry at 9.6%.
Gartner said that global smartphones sales are expected to hit 1.9 billion by 2020 despite a slowing market.
Google said that 15 researchers were paid more than $10 000.
“If you’re interested in helping us find security vulnerabilities, take a look at Bug Hunter University and learn how to submit high quality vulnerability reports. Remember, the better the report, the more you’ll get paid,” said To.
- Follow Duncan on Twitter
