Finding vulnerabilities in Android has its reward: this is what you pay Google

Android Lock

Android has a lot of virtues (which is why it is the preferred operating system by many users), but it also has some defects. We have a huge amount of applications, a lot of freedom to do with our smartphone what you want and a large amount of models from which to choose according to our taste.

however, Android is not perfect, and is that, due to its huge popularity, is the primary target of numerous attacks through malware. Google is struggling to fill any crack of security, and its main weapon is the program Android Security Rewards, which has already paid more than a million and a half dollars by discovering vulnerabilities and malware.

The program Android Security Rewards was opened in 2015, and consists of a system of rewards for teams or individuals who report to Google any type of vulnerability that can affect the provided operating system. Throughout these two years, Mountain View has paid out more than $ 1.5 million, and thanks to this program you can free up each month’s security patches.

Google has paid in the second year of the program Android Security Rewards more than a million and a half dollars, with some of its researchers having received a minimum of $ 10,000.

According to Google, during this last year paid a total of 115 individuals an average 2,150 dollars for each reward. In terms of C0RE Team, his team of researchers stronger, has received more than $ 300,000 for your 118 reports of vulnerabilities. They also say that 31 researchers received rewards of $ 10,000 or more.

A fact that let to see is that no other researcher has managed to comprometar ‘TrustZone’ or ‘Verified Boot’, which is the greatest reward of all. Before this, Google has increased the amount of money that they will receive the researchers manage to find a vulnerability in any of them $ 50,000 up to 200,000. On the other hand, they find an exploit remote kernel, you will no longer receive $ 30,000, but 150.000.

anyone who is interested in participating in the program Android Security Rewards (ASR), you can find more information at this link, as well as the rules of the same. Of time, in the following table you can see the terminals that incorporate the patches monthly most recent that protect against different vulnerabilities.



BlackBerry Priv



General Mobile

GM5 Plus D, GM5 Plus, General Mobile 4G Dual, General Mobile 4G


Gionee A1


Pixel XL, Pixel, Nexus 6P, Nexus 6, Nexus 5X, Nexus 9


LG G6, V20, Stylo 2 V, G PAD 7.0 LTE


the Bike Z, Moto Z Droid


CPH1613, CPH1605


Galaxy S8+, Galaxy S8, Galaxy S7, Galaxy S7 Edge, Galaxy S7 Active, Galaxy S6 Active, Galaxy S5 Dual SIM, samsung Galaxy C9 Pro, Galaxy C7, Galaxy J7, Galaxy On7 Pro, Galaxy J2, Galaxy A8, samsung Galaxy Tab S2 9.7


Android One S1, 507SH


Xperia XA1, Xperia X


Live 1609, Living 1601, Live Y55

Via | Phone Arena
Xataka Android | The security on Android in 2016: the malware is low, but the security updates still fail to reach all

The news to Find vulnerabilities in Android has its reward: this is what you pay for Google was originally published in Xataka Android by Santiago Luque .

Xataka Android

Finding vulnerabilities in Android has its reward: this is what you pay Google
Source: english  
June 2, 2017

Next Random post