Skip to main content

Google paid out over $10 million in bug bounties throughout 2023

Google’s Vulnerability Reward Program paid out a whopping $10 million to over 600 researchers for bug bounties in 2023.

In a post the Google Online Security Blog’s “Year in Review”, the Mountain View firm detailed the specifics of this sizeable sum. 632 researchers in 68 countries were rewarded for finding vulnerabilities within Android, Wear OS, Android Automotive, Chrome, and many more Google products. For those wondering, the single highest bounty was a staggering $113,337.

Android bugs and vulnerabilities accounted for $3.4 million. Google even increased the reward for critical vulnerabilities in our favorite mobile OS’s maximum to $15,000 last year.

Chrome bug bounties added up to another sizeable $2.1 million for Google in 2023, accounting for 359 unique reports within the web browser. Increased rewards were offered for V8 bugs in older Chrome builds. The result was fewer long-standing problems and reports of issues but the resolution of a V8 JIT optimization bug that has been around since Chrome M91 released back in May 2021.

50 bugs and vulnerabilities were also found in Fitbit and Nest products and hardware. Although a much smaller proportion of Google’s business, $116,000 was paid out in bounties for bugs found here.

LLMs are also now included within Google bug bounty program. The firm highlighted a live-hacking event “Hacking Google Bard” and even paid out bounties to the tune of $87,000. Given the rapid ongoing development of AI, specific criteria for bugs in AI products have been published to help researchers pinpoint issues and determine what constitutes a “bug” when working with AI products.

Although a huge figure, this is actually dip compared to the $12 million that Google paid for bug bounties in 2022.

More on Google:

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Google — experts who break news about Google and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Google on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

Author

Avatar for Damien Wilde Damien Wilde

Damien is a UK-based video producer for 9to5Google.

Find him on Threads: @damienwildeyt

Email: damien@9to5mac.com / secure email: damienwilde@protonmail.com


Damien Wilde's favorite gear

Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications