Google has expanded its bug-bounty program to supply a whopping $1.5 million for a top-notch Android 13 Beta exploit – particularly, for a hack of the Titan M safety chip that ships with Pixel telephones.
Android 13 Beta grew to become obtainable final week to builders and early adopters, with Google promising an outsized deal with privateness and safety. It apparently goals to ship in that division, if the bounty bump is any indication.
The Web large introduced a 50% bonus for all Android 13 Beta exploits on Twitter and up to date its Android program web page to mirror the provide, including an essential caveat: “Vulnerabilities have to be unique to Android 13 and should not reproduce on another model of Android,” it famous.
To make the most of the largess, bug hunters might want to set off on safari quickly: The elevated rewards are solely good for stories filed earlier than Could 27.
Placing the $1.5M Payout into Context
For a way of perspective on that payout quantity, it is value noting that $1.5 million is exponentially bigger than the highest-ever bounty for an Android vulnerability, which was paid final 12 months — $157,000 for a important exploit chain in an unspecified element. It is also half the quantity paid out within the entirety of 2021 for Android flaws ($3 million whole, throughout a whole lot of exploits), and roughly equal to the sum whole of payouts in 2020. So, it is a lot of affection for one bug.
That stated, the probability of seeing a payout that dimension is a protracted shot. That is as a result of it might be related to the final time Google dabbled in big-bucks territory: In 2019, it started providing $1 million to anybody who may hack the Titan M safety chip, which is embedded in Google Pixel smartphones. Particularly, it requires a “full chain distant code execution exploit with persistence, which compromises the Titan M safe aspect on Pixel units.”
However thus far, that reward has gone unclaimed. Thus, to reel within the $1.5 million on provide, an moral hacker would want to not solely subvert the never-subverted Titan M, but in addition make certain the exploit works on Android 13 Beta – and solely on Android 13 Beta.
The problem scale hasn’t deterred some. As one bounty hunter tweeted, “BRB going to promote my soul to the hacker gods to get a full distant code execution exploit chain on the Titan M.”
All Android 13 Beta Exploits Get a Bump
Google’s different rewards for locating an exploitable safety vulnerability in Android are additionally topic to the 50% bonus for Android 13 Beta. These run wherever from $75,000 (for a Gadget Coverage Controller bypass or code execution in a privileged course of) to $500,000 (for exfiltrating high-value knowledge secured by Titan M). Most rewards clock in at $250,000.
OEM code (libraries and drivers), Digital Automotive Keys, kernel, boot-loader, Safe Factor code, TrustZone OS and apps, system on chip (SoC), MicroController Unit (MCU), Boot ROM, RAM reminiscence, Flash reminiscence, filesystem, Trusted Execution Surroundings (TEE), radio models, and so forth., are all thought of eligible targets.
