Saturday, September 7, 2024
HomeBug BountyCrowdfense Announced to Pay $3 Million Bug Bounty for iOS & Android...

Crowdfense Announced to Pay $3 Million Bug Bounty for iOS & Android Zero-day Exploits

Published on

Crowdfense, a vulnerability research hub announced that they ready to pay $3 million USD per successful submission of iOS and Android zero-day vulnerability exploits.

In this year Crowdfense offering a larger 15M USD acquisition program to focus the important areas of research, inclusive of Networking Devices, WiFi/Baseband, and Messengers.

There are many researchers were paid nearly 10 million USD last year with this  “Vulnerability Research Hub” (VRH) online platform. 

- Advertisement - EHA

Successful submission of the previously unreported bug, exclusive capabilities would be eligible to receive bounty range from 100,000 USD to $3 million USD.

Crowdfense would like to receive the zero-days for Windows, MacOS, iOS, Android and other various platforms and they categorized the different price for each vendor.

Windows and macOS zero bugs reporter eligible to receive upto 1.5 million USD and they particularly expecting the Chrome and Safari RCE bugs that related to sandbox escape.

Crowdfense is willing to pay up to $1.5 million to $3 Million for iOS, Android zero-day exploit interaction with iOS and Android PE.

Also other zero-day exploits such as instant messengers, SMS/MMS RCE, Routers RCE, and WiFi/baseband RCE eligible to receive up to 100k to 1.5 million USD.

According to Crowdfense, Within this program, Crowdfense evaluates only fully functional, top-quality 0-day exploits.

Apart from this, Crowdfense offered free high-level technical training sessions to hundreds of vulnerability researchers around the world.

“The first Researcher to submit indisputable proof of a fully working chain within the scope of our public Bug Bounty program will receive a 10% bonus on his/her payout (if Crowdfense decides to buy). For a working partial chain, the bonus will be 5%, calculated on the agreed payout.” Clowdfense said.

Learn: Mastery Bug Bounty Bundle online Course

Also Read:

Hackers Earned More Than $19 Million in 2018 by Participating in Bug Bounty Programs

Safehats – The Best Alternative Bug Bounty Program for HackerOne and Bugcrowd

Netflix Launches Public Bug Bounty Program With Top Reward as $15,000

Intel Expands Bug Bounty Program Rewards To $250,000 for Meltdown and Spectre Like Vulnerabilities

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

BBTok Abuses Legitimate Windows Utility Command Tool to Stay Undetected

Cybercriminals in Latin America have increased their use of phishing scams targeting business transactions...

Predator Spyware Exploiting “one-click” & “zero-click” Flaws

Recent research indicates that the Predator spyware, once thought to be inactive due to...

Tropic Trooper Attacks Government Organizations to Steal Sensitive Data

Tropic Trooper (aka KeyBoy, Pirate Panda, and APT23) is a sophisticated cyberespionage APT group,...

NoiseAttack is a Novel Backdoor That Uses Power Spectral Density For Evasion

NoiseAttack is a new method of secretly attacking deep learning models. It uses triggers...

Free Webinar

Decoding Compliance | What CISOs Need to Know

Non-compliance can result in substantial financial penalties, with average fines reaching up to $4.5 million for GDPR breaches alone.

Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises.

Discussion points

The Role of Compliance
The Alphabet Soup of Compliance
Compliance
SaaS and Compliance
Indusface's Approach to Compliance

More like this

SonicWall Access Control Vulnerability Exploited in the Wild

SonicWall has issued an urgent advisory regarding a critical vulnerability in its SonicOS management...

Apache OFBiz for Linux & Windows Vulnerability Allows Unauthenticated Remote Code Execution

A series of vulnerabilities affecting Apache OFBiz has come to light, raising significant cybersecurity...

Veeam Backup & Replication Vulnerabilities Let Attackers Execute Remote Code

Multiple critical vulnerabilities have been identified in Veeam Backup & Replication, a widely-used data...