Google starts new security rewards program for finding vulnerabilities in Play Store apps
It seems like just about every week we’re writing about new apps that have been pulled from the Google Play Store after researchers contacted Google showcasing vulnerabilities that allowed the apps to install malware and other malicious code. Google themselves are no strangers to rewarding those who play white hat hacker, as they currently offer rewards programs for their own sites and Chrome and Chrome OS.
Today the company has announced the Google Play Security Reward Program to incentivize researchers to come forward about vulnerabilities in popular apps on the Google Play Store. Using the HackerOne platform, researchers will be able to submit vulnerabilities directly to developers and once it has been addressed, they’ll receive a reward from Google Play.
Google hopes this will help app developers keep vulnerabilities out of their apps, which has been a problem on Android for a while now, as evidenced by the numerous stories just over the last year. Here’s a peek at some of them.
- How Google immediately busted 20 spyware apps on Google Play
- DDoS malware existed inside 300 apps on Google Play Store
- Android malware discovered in popular wallpaper apps
- New DressCode malware slips into Google Play Store undetected
- Harmless malware discovered in 130 apps on Google Play Store
- Skyfin is a new Android malware that can download APKs