Moneycontrol
you are here: HomeNewsTechnology
Last Updated : May 29, 2018 06:42 PM IST | Source: Moneycontrol.com

Google awards a bug bounty of over Rs 24 lakh for finding security flaw

This was his fifth bounty which he received reporting bugs to Google. The first bug bounty worth $500 he received when he was a month shy of 17

Moneycontrol News @moneycontrolcom

Google awarded an Uruguayan teenager about Rs 24.7 lakh as bug bounty for finding a serious security flaw which could give access to an attacker to its internal system.

Ezequiel Pereira, an 18-year-old student at the University of the Republic in Uruguay, found about the bug in February this year. However, he publically wrote about it only after the issue was confirmed as fixed by Google engineers.

He announced that he was awarded $36,337 for a finding a remote code execution vulnerability—the highest tier for bugs.

“In early 2018 I got access to a non-production Google App Engine deployment environment, where I could use internal APIs and it was considered as Remote Code Execution due to the way Google works. Thanks to this I got a reward of $36,337 as part of Google Vulnerability Rewards Program,” he wrote.

This was his fifth bounty which he received reporting bugs to Google. The first bug bounty worth $500 he received when he was a month shy of 17. Since then he received a total of $59,337 in bounties, including the latest one.

Pereira confessed that he was not even aware he had found something this serious. “I was not aware until then that this was regarded as Remote Code Execution, it was a very pleasant surprise,” he said.

Google, like many technology giants, has a Vulnerability Rewards Program which awards security researchers if vulnerabilities are reported to the company.

Last year, the company doled out $2.9 million in 1,230 individual rewards to researchers across the globe. The biggest single reward was worth $112,500.
First Published on May 29, 2018 01:56 pm
Loading...
Sections
Follow us on
Available On