Are you also searching for ways to become a millionaire without much of hardwork? What if I tell you that there is a legal way to do that easily? Samsung has put up an offer for bug hunters, the South Korean smartphone manufacturer has announced that if someone successfully finds some major issue with their Operating System (OS) then they will be awarded $1 million. This offer from Samsung to award significant prizes to researchers who spot security flaws and vulnerabilities in the OS has been announced under the Mobile Security Program.
Samsung Bug Bounty Offer Details
According to a blog post by the smartphone manufacturer, security researchers and others can earn substantial rewards by identifying various security flaws and vulnerabilities, particularly those related to Arbitrary Code Execution on high-privilege targets within systems. This could involve tasks such as data extraction, unlocking devices, installing unauthorized applications, or bypassing device security.
ALSO READ | Samsung Galaxy Z Fold 6: 5 Reasons Why You Should Consider This Foldable Phone
Depending on the severity of the vulnerability and the significance of the project, the company has raised the potential bug bounty rewards to as much as one million dollars. The top prize of $1 million can be awarded for successfully hacking the latest Knox Vault and executing remote code within Samsung's hardware security system. Knox Vault serves as the company's isolated secure environment for storing cryptographic keys and sensitive biometric data on mobile devices.
Additionally, a reward of $200,000 is available for subsequent device unlocks after the first unlock. If someone can unlock a device and fully extract user data without the phone being previously unlocked, the bounty could go up to $400,000.
The reward increases to $60,000 and $30,000 if researchers remotely install an application from the Galaxy Store. Ethical hackers who install apps from sources other than the Galaxy Store could earn up to $100,000 or $50,000.
Samsung Offer Eligibility Criteria
Regarding the eligibility criteria, researchers need to submit an exploit that effectively targets one or more of the specified key scenarios to be eligible for the Good Report Bonus. Additionally, the exploit must work on the latest security updates for the newest flagship Galaxy Z and S series devices and should not require elevated privileges to execute.
Researchers are also required to include the prefix [ISVP] in their report title when submitting through the rewards program to participate in the initiative.
The tech giant further noted that since launching its bug bounty program in 2017, it has paid out nearly $5 million.