Google adds all apps with 100M+ downloads to bug bounty program



After the popular Android application CamScanner, an app used to take photos of documents and turn them into PDFs, was discovered to be compromised by malware (Necro.n) used to show malicious ads and steal user login credentials, the tech giant Google has started to clamp down on malware and to focus on the security of its apps.

As a result, Google has extended its bug bounty program to include all applications with over 100 million downloads. As reported by Sergiu Gatlan on BleepingComputer earlier this month, over 33 apps with 100m downloads were infected by clickjacking malware.

The extension of the bug bounty program means that security researchers can report bugs and vulnerabilities to Google, which will in turn report them to the developers. If the developers neglect to patch the vulnerabilities, their apps will be removed from the Play Store.

Developers do not need to sign up to the bug bounty program as Google will automatically make all apps with over 100m downloads eligible. 

All reports can be submitted via the HackerOne bug bounty platform. Google has also increased its rewards for some bugs to up to $5,000.
