SOFTWARE DEVELOPER Google has announced it is upping its security bug bounty for its Chromium program from $1,000 to $5,000.
The technology giant revealed the news in a company blog post today, claiming that it has paid researchers a total of over $2m in rewards across its Chromium and Google Web Vulnerability Reward Program (VRP) initiatives since it launched them over three years ago.
Since then, Google has rewarded and fixed more than 2,000 security bug reports.
"Today we're delighted to announce we've now paid out in excess of $2m across Google's security reward initiatives. Broken down, this total includes more than $1m for the Chromium VRP and Pwnium rewards, and in excess of $1m for the Google Web VRP rewards," the firm announced on its Chromium blog.
Google said that it has raised its Chromium reward levels "significantly", with bugs that were previously rewarded at the $1,000 level now being considered for reward at up to $5,000 - five times the prior reward.
"We'll issue higher rewards for bugs we believe present a more significant threat to user safety, and when the researcher provides an accurate analysis of exploitability and severity," the firm added, promising to pay previously announced bonuses on top, such as those for providing a patch or finding an issue in a critical piece of open source software.
Google held its third annual Pwnium competition in March called Pwnium 3, encouraging hackers to crack the Chrome operating system (OS) for rewards of up to $3m.
Pwnium 3 was designed to "improve internet security for everyone" by alerting Google to potential vulnerabilities in its software, while at the same time getting the best researchers in the industry to showcase their skills and take home some rewards. µ
Sign up for INQbot – a weekly roundup of the best from the INQ