Google Bug Bounty Program Awards Teen $36,000

Must Read

Elon Musk Added Over $100 Billion To His Net Worth In Just 1 Year, Leaves Jeff Bezos Behind

Jeff Bezos may the world's richest person in the world but it's Elon Musk who has been...

Elon Musk Overtakes Bill Gates And Becomes the 2nd Richest Person in the World

It's been a good week for Elon Musk and his electrical vehicle business Tesla. Earlier this week,...

Has Zuckerberg Finally Accepted That Facebook Spies On Users?

It seems like Facebook is headed towards more investigation and scrutiny as recently, Facebook has been alleged...

Cyber-crime is one oft-repeated threat, which apparently doesn’t seem like slowing down. However, the only defence to this threat is security vigilance and awareness. A quick way to test the corresponding security measures is by incorporating bug bounty programs which have been on the maps of several companies, for a long time now. Although not all bug bounty programs provide remunerations, others can go as high as $36,000 like Google who recently awarded an Uruguayan teenager for exposing a security flaw.

The herculean search engine Google awarded an Uruguayan teenager with $36,000 for reporting a major vulnerability. The 18-year-old Ezequiel Pereira from Uruguay debugS a severe security hole which, otherwise, would have allowed hackers to make changes to Google’s internal systems. At the outset of 2018, Ezequiel Pereira, having a keen interest in programming, got access to a non-Production App Engine deployment environment where he was able to use internal APIs. Remote Code Execution, as it is known, is a part of Google Vulnerability Rewards Program.

The Uruguayan Prodigy:

Ezequiel Pereira, while on the verge of turning 17, earned his first reward through Google bug bounty program wherein he exposed a Google security flaw.

Tapping along the ABCs of this whiz kid; Pereira got his first computer when he was 10. He spent years learning different coding languages, after a steady initiation when he was 11 years old. He finished off as a grand prize winner of Google Code-in 2015, paving a way to Google’s California headquarters.


I found something almost immediately that was worth $500 and it just felt so amazing. So I decided to just keep trying ever since then. – Ezequiel Pereira

He found his second biggest bug on July 2017 through which he earned $10,000. Despite using more than half of the money on applying for scholarships to US Universities, he couldn’t manage into any of the schools. Hence, he took off to become self-taught and started schooling at home. With an aim of achieving master’s degree in Computer Security, Pereira keeps himself busy, hunting bugs.

Pereira got permission to write about how he discovered it recently after Google fixed the issue. It marks his fifth accepted bug.

The Tabloid in a Nut-shell:

  • Early February 2018: Main bug was discovered.
  • February 25th, 2018: Initial report sent, containing the “stubby” API
  • March 4th and 5th, 2018: The app_config_service” API was discovered and reported
  • Between March 6th and 13th, 2018: The access to non-prod Google App Engine environments was blocked with a 429 error page
  • 13th March, 2018: Reward of $36,337 issued
  • May 16th, 2018: Confirmation of the security flaw been fixed.

Bug Bounty Programs Boosts Ethical Hacking :

Bug bounty programs are designed to key-up software security researchers and pay them to find vulnerabilities and report back to the sponsor. In return, the researchers are richly rewarded for their findings. In fact, as part of Google’s Android Security Rewards Program, Researcher Guang Gong, received the largest reward of the year 2017: $112,500.

Heretofore, Pereira’s submissions are towards the Google’s bug bounty program. However, there’re many other technology companies which offer similar awards to ensure smooth and essentially, authentic and supervised access. Introducing bounty programs and offering monetary awards is sure to motivate hackers to discover and report flaws rather than selling them off to malicious, third-party sources. Many corporations have been announcing such programs, wherein they reward hackers who can break into their systems and eventually, report breaches in the process.

Ethical hacking is one’s fair shake to be on the right side of the law while securing systems by hunting down flaws and fixing them.



Please enter your comment!
Please enter your name here

Latest News

India Bans 43 More Apps As Indo-China Feud Continues

The latest move of the Indian Government has proved that Chinese-origin apps won’t catch a break any...

ShareChat Acquisition: What’s Google Up To?

The news related to acquisition of ShareChat is once again making rounds on the internet. It seems like Google...

Elon Musk Overtakes Bill Gates And Becomes the 2nd Richest Person in the World

It's been a good week for Elon Musk and his electrical vehicle business Tesla. Earlier this week, after Tesla Inc.'s rocky road...

iPhone 12 Plagued With Serious Problems: Should You Buy It, Still?

A serious problem with Apple iPhone 12, identified recently, is good enough to give a second thought to your decision of buying...

Facebook Threatens Research Team To Shut Down In A Bid To Hide Their Dirty Secrets

Facebook Inc. (NASDAQ:FB), in a bid to hide their dirty secrets, recently threatened a small academic team to shut, all in the...

Does CCI Verdict On Reliance Future Group Deal Hints Who Will Have The Last Laugh?

Biyani's Future Group, Ambani's RIL, and Bezos' Amazon have been in a three-way dispute for the past month. This dispute was sparked...

In-Depth: Dprime

Will ‘TikTok By Microsoft’ Be A Winner?

For the last two years, TikTok has been in the public eye for all sorts of reasons. First, it was the exploded...

Facebook Subscription Model: Looking Beyond Ad Dollars?

Seldom do job listings create a stir this gripping. However, when the job listing in question is a stealth post from Twitter,...

Will The Online Food Delivery Market in India End Up Becoming A Two-Horse Race?

It's pretty much evident that the food delivery space in India is all set to get riled up soon enough as one...

More Articles Like This