VK will distribute up to 1.5 million rubles for vulnerabilities found in the social network
VK announced the restart of the Bug Bounty vulnerability search program: payouts for security researchers will be increased. For information about bugs in the VK ID service, users will be able to receive a reward of up to 1.5 million rubles.
The amount of payouts depends on the criticality of the vulnerability: the more dangerous it is, the greater the reward. If the detected bug has a low threat level, the user will receive up to $500 (38 thousand rubles), the average level – up to five thousand dollars (383 thousand rubles), the high level – up to ten thousand dollars (767 thousand rubles). Researchers who find critical-level vulnerabilities are promised to be paid up to $20,000 (1.5 million rubles).
Particular attention is paid to VK ID, a single authorization service for all VK projects. With its help, users manage all connected services: end sessions, change passwords in case of suspicious activity, set up two-factor authentication.