Friday, March 29, 2024

Crowdfense Announced to Pay $3 Million Bug Bounty for iOS & Android Zero-day Exploits

Crowdfense, a vulnerability research hub announced that they ready to pay $3 million USD per successful submission of iOS and Android zero-day vulnerability exploits.

In this year Crowdfense offering a larger 15M USD acquisition program to focus the important areas of research, inclusive of Networking Devices, WiFi/Baseband, and Messengers.

There are many researchers were paid nearly 10 million USD last year with this  “Vulnerability Research Hub” (VRH) online platform. 

Successful submission of the previously unreported bug, exclusive capabilities would be eligible to receive bounty range from 100,000 USD to $3 million USD.

Crowdfense would like to receive the zero-days for Windows, MacOS, iOS, Android and other various platforms and they categorized the different price for each vendor.

Windows and macOS zero bugs reporter eligible to receive upto 1.5 million USD and they particularly expecting the Chrome and Safari RCE bugs that related to sandbox escape.

Crowdfense is willing to pay up to $1.5 million to $3 Million for iOS, Android zero-day exploit interaction with iOS and Android PE.

Also other zero-day exploits such as instant messengers, SMS/MMS RCE, Routers RCE, and WiFi/baseband RCE eligible to receive up to 100k to 1.5 million USD.

According to Crowdfense, Within this program, Crowdfense evaluates only fully functional, top-quality 0-day exploits.

Apart from this, Crowdfense offered free high-level technical training sessions to hundreds of vulnerability researchers around the world.

“The first Researcher to submit indisputable proof of a fully working chain within the scope of our public Bug Bounty program will receive a 10% bonus on his/her payout (if Crowdfense decides to buy). For a working partial chain, the bonus will be 5%, calculated on the agreed payout.” Clowdfense said.

Learn: Mastery Bug Bounty Bundle online Course

Also Read:

Hackers Earned More Than $19 Million in 2018 by Participating in Bug Bounty Programs

Safehats – The Best Alternative Bug Bounty Program for HackerOne and Bugcrowd

Netflix Launches Public Bug Bounty Program With Top Reward as $15,000

Intel Expands Bug Bounty Program Rewards To $250,000 for Meltdown and Spectre Like Vulnerabilities

Website

Latest articles

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report highlighting...

Wireshark 4.2.4 Released: What’s New!

Wireshark stands as the undisputed leader, offering unparalleled tools for troubleshooting, analysis, development, and...

Zoom Unveils AI-Powered All-In-One AI Work Workplace

Zoom has taken a monumental leap forward by introducing Zoom Workplace, an all-encompassing AI-powered...

iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage

Phishing allows hackers to exploit human vulnerabilities and trick users into revealing sensitive information...

2 Chrome Zero-Days Exploited at Pwn2Own 2024: Patch Now

Google has announced a crucial update to its Chrome browser, addressing several vulnerabilities, including...

The Moon Malware Hacked 6,000 ASUS Routers in 72hours to Use for Proxy

Black Lotus Labs discovered a multi-year campaign by TheMoon malware targeting vulnerable routers and...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles