In the last two years, Google has intensified its security for Android phones yet millions of phones continue to be hacked. The latest malware attack, labeled “Judy,” will infiltrate the operating system of the Android and steal biometric data and personal information you do not want hackers to find. Google has just increased the bounty from $30,000 to $200,000 in hopes of finding solutions to vulnerabilities two areas; Verified Boot and another for a remote kernel exploit. Their bug bounty reward program is here.
Verified Boot is a technology inside your device meant to protect boot settings and where biometric data is stored. This is data you don’t want exposed to hackers. If you have a newer Android device (6.0 and higher), there is an alert that will point the user to problems with Verified Boot, but if a hack can alter that alert it can go on undetected. Hence why Google raised the bounty in hopes of finding someone with the time and motivation.
The other vulnerability is remote kernel exploits that would be used to gain root access on your device. This will allow the hacker to steal any data they want from your device remotely.
If no one is able to create a valid report on fixes for the bugs, Google will most likely continue raising their bounty until someone is able to put the time in to uncover the bug and provide a fix.