Yandex in 2023 will allocate 100 million rubles to reward researchers who find vulnerabilities in the company’s products and infrastructure. Thus, the total amount of payments under the Bug Hunt program will increase by 2.5 times, Yandex said in a statement.
Since the beginning of 2023, the company has already paid 35.5 million rubles to hunters; the bulk of the awards came from the January competition with a tenfold increase in payouts for findings in the remote code execution and SQL injection categories.
Yandex reminds that the amount of remuneration depends on the criticality of the vulnerability, its ease of use and the impact on user data.
In 2022, as part of the program, the IT company also increased the reward for each vulnerability found by 2 times.
Bug Hunt is Yandex’s permanent bounty program for ethical hackers, launched in 2012.
I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.