Samsung announces reward of up to $1 million for identifying software bugs

WEB DESK: Samsung, with billions of users worldwide, is committed to safeguarding its software against potential security threats.

To preemptively tackle vulnerabilities before they can be exploited by malicious actors, the company has significantly bolstered its investment in cybersecurity.

In line with industry practice, Samsung operates a bug bounty programme that incentivises ethical hackers with substantial rewards for identifying security flaws. The company has now raised the maximum reward offered to an impressive $1 million.

Launched in 2017, the Samsung Mobile Security Rewards Programme has now issued its first Annual Report, revealing notable statistics. Since its inception, the programme has distributed nearly $5 million in bug bounties.

In 2023 alone, Samsung awarded $827,925 to 113 researchers. The highest single reward of $57,190 was granted to TASZK Security Labs for uncovering vulnerabilities that could potentially facilitate remote attacks.

As Samsung’s focus shifts towards integrating AI solutions with its Galaxy AI initiative, the company is also piloting the Samsung Mobile AI Security Rewards Programme. This new programme aims to address vulnerabilities in emerging software technologies before they pose significant risks.

Under the revised rewards structure, researchers who discover critical exploits, such as arbitrary code execution on privileged targets, complete user data extractions, or device unlocking, can now earn up to $1 million.

Additionally, bypassing the Auto Blocker—designed to prevent unauthorised app installations—will yield rewards of up to $100,000. For a detailed list of reward categories, Samsung’s security blog provides comprehensive information.

Read next: iPhone 15 prices increased in Pakistan