New Google bug bounty program for Android apps launched

Google has introduced its new Mobile Vulnerability Rewards Program that would offer rewards for the identification of security flaws in Google's first-party Android applications, BleepingComputer reports. Aside from covering Google's "Tier 1" applications including Google Play Services, Google Cloud, Google Chrome, Chrome Remote Desktop, AGSA, and Gmail Mobile VRP also spans security vulnerabilities in other apps developed by Research at Google, Google Samples, Nest Labs, Fitbit, Waze, and Red Hot Labs. Google will be handing out bounties of up to $30,000 for remote code execution bugs that do not require user interaction and a maximum reward of $7,500 for those enabling remote sensitive data exfiltration. "The Mobile VRP recognizes the contributions and hard work of researchers who help Google improve the security posture of our first-party Android applications. The goal of the program is to mitigate vulnerabilities in first-party Android applications, and thus keep users and their data safe," said Google.