As per the latest report, India’s cyber security expert Rony Das received a reward worth $5000 (roughly around Rs 3.5 lakh) for reporting a bug in the Android Foreground Services. It is said that the bug was dangerous and could easily allow hackers to exploit users’ personal data stored in devices.
This isn’t the first time that Google has done something like this. In the past, we have seen several tech companies such as Apple, Facebook, others also offer bug bounties to researchers, engineers, and cyber experts for finding bugs in their platforms.
As per the information available, Das reported the bug to Google in May earlier this year. He said to have found the bug at the time of running into technical issues while creating an application for the Android platform.
Das said that the bug found was not in line with the purpose of using Android Foreground Services and his exploit could bypass the detection process using this vulnerability. He further explained that the exploit was able to access a phone’s hardware such as camera, microphone, and location without informing the user or sending out any notification.
He refused to share the technical details of the vulnerability for confidential reasons. He was in constant touch with Google to fix the vulnerability.
As per a report coming from East Mojo, the email Google Android Security Team sent to Das stated, “as a recognition of your efforts, we would like to offer you a discretionary reward of $5000. Please note this is a one-time exception to our normal procedures as a thank you for the high-quality submission and follow-up information you provided.”
So far, Google hasn’t shared any information about the fix yet. However, considering the nature of the vulnerability, it is likely that the tech giant will issue a fix via a software update.
Courtesy-https://www.bgr.in/news/indian-cyber-security-expert-gets-around-3-5-lakh-from-google-for-reporting-a-bug-in-android-1028876/