It is an increasingly common occurence to hear news about Google awarding huge sums to developers, hackers or testers for findng bugs. Ever wondered why? Well, the reason is simple. Google has increased its rewards for remote code execution bugs for Google, YouTube and Blogger domains.
The increase of amount is from $20,000 to $31,000, including a bonus of $1,337 or else called 'leet reward'.
This is because it has become more difficult to identify high profile vulnerabilities over the years and researchers are taking more time to find them.
In 2016, security researchers were paid $3 million by Google through bug bounty program, along with Chrome and Android bug-finding programs.
According to Google, China took the lead in 2016, who was in fourth place in 2015. US scored after China,followed by India, Germany, France, UK, Israel, Russia, Poland, and Canada.
Researchers from china got $675,000 last year, Russia was in second place earning $351,000. Being in third place. hackers from India got paid $84,000.
Josh Armour, security program manager at Google noted that the distribution of payments had only increased the performance of researchers, and this time 30% of rewards was achieved by 40% of Indian researchers.
So, how was the $3 million spent? Well, $800,000 of the amount was spent on bugs valued from $1,338 and $3,133.7, while a bracket total of $7oo,oo were spent on bugs valued between $5,001 to $7,500. Also, around $400,000 were spent on bugs valued at more than $20,000