Google has announced a new Android bug bounty program offering rewards in the tens of thousands for those looking to try out their expertise. The new Mobile Vulnerability Reward Program (VRP) was announced on Twitter, where the company noted, “We are excited to announce the new Mobile VRP! We are looking for bughunters to help us find and fix vulnerabilities in our mobile applications.”
According to the program summary, first-party Android apps are the key focus of this Mobile VRP, where vulnerabilities are hoped to be found and eliminated to keep users’ data safe. Tier 1 applications are considered in scope for the program, comprising Google Play Services, AGSA, Google Chrome, Google Cloud, Gmail, and Chrome Remote Desktop.
Beyond the above, Tier 1 apps, the program also considers apps made by the following developers: Google LLC, Developed with Google, Research at Google, Red Hot Labs, Google Samples, Fitbit LLC, Nest Labs Inc., Waymo LLC, Waze.
