Calling all bug bounty hunters - Google has expanded its challenge to V8 and Cloud

Security Bug
(Image credit: Shutterstock)

Looking to put your bug hunting skills to good use and earn yourself a pretty penny in the process?

Google has launched its latest bounty challenge rewarding participants for discovering bugs and exploiting vulnerabilities in Chrome’s v8 JavaScript and Google Cloud.

The latest challenge, v8CTF, is a capture-the-flag based bug hunting challenge open to exploit writers.

 The 0-day Lottery

As part of Google’s standard Vulnerability Reward Program (VRP), lucky hunters can bag themselves tens of thousands of dollars for discovering and demonstrating the severity of a security vulnerability in any Google or Alphabet subsidiary.

Rewards are offered in the discovery of both known and new vulnerabilities, known as n-day and 0-day vulnerabilities respectively, with rewards available from both the VRP and the v8CTF reward program, with the latter offering $10,000 for each 0-day discovery and exploitation.

“We want to learn from the security community to understand how they will approach this challenge. If you’re successful, you’ll not only earn a reward, but you’ll also help us make our products more secure for everyone. This is also a good opportunity to learn about technologies and gain hands-on experience exploiting them,” Google software engineers Stephen Roettger and Marios Pomonis stated in the Google security blog.

Via Infosecurity Magazine

More from TechRadar Pro

Benedict Collins
Staff Writer (Security)

Benedict has been writing about security issues for close to 5 years, at first covering geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division). Benedict then continued his studies at a postgraduate level and achieved a distinction in MA Security, Intelligence and Diplomacy. Benedict transitioned his security interests towards cybersecurity upon joining TechRadar Pro as a Staff Writer, focussing on state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.