Attention, Android users! Samsung has big news! They’re inviting hackers worldwide to break into their Mobile Security Program for up to $1M in rewards. Sounds weird, right? If someone can hack a system, isn’t it flawed? Exactly! Samsung wants hackers to expose flaws in their Mobile Security Program. And by offering rewards, they aim to strengthen security and build customer trust. So, let’s dive into the details!
The Million-Dollar Challenge
Like every tech giant, Samsung also runs a bug bounty program, and it’s getting even better! According to a recent blog, Samsung is offering massive rewards to those who can uncover security flaws in its software. As part of its Mobile Security Program, Samsung challenges hackers to break into their systems and expose vulnerabilities. And here’s the exciting part—they’ve just bumped the rewards up to a whopping million dollars!
But that’s not all. Additionally, security researchers and even everyday hackers can earn Samsung rewards by finding vulnerabilities related to Arbitrary Code Execution on privileged targets. This could involve unlocking devices, extracting sensitive data, executing arbitrary app installations, or bypassing the device’s security measures. Consequently, Samsung is pulling out all the stops to ensure its Mobile Security Program is rock solid, and they’re willing to pay big to make it happen!
High Stakes, High Rewards
Samsung explains that users can score rewards by finding various security flaws in their system. The top $1 million reward goes to anyone exploiting Knox Vault and executing remote code in Samsung’s hardware security system. But there’s more! For instance, unlocking a device after it’s already been unlocked scores $200,000 while unlocking it first bumps that up to $400,000. Moreover, remotely installing an app from the Galaxy Store earns $60,000 in Samsung rewards, with $30,000 for a local install. Additionally, installing an app remotely from other sources earns $100,000, and $50,000 for local installs.
Samsung’s Rules
However, Samsung also pinpoints a few regulations. Samsung’s blog post says that your report should highlight a successful attack targeting key scenarios. To qualify for the Good Report Bonus, your submission must include an exploit that targets one or more defined Important Scenarios. Furthermore, the exploit needs to work on the latest security updates of the flagship Galaxy S and Z series devices. It should run smoothly without elevated privileges. When submitting through the Samsung rewards program, include the prefix [ISVP] in your report title to join the Mobile Security Program.
Conclusion
Ironically, paying people to hack into their Mobile Security Program is Samsung’s genius way to gain customer trust. This approach tightens security, keeps loyal customers returning, and attracts new ones to Samsung. It’s a win-win for everyone—Samsung, customers, and hackers!