Yandex Doubles Maximum Bounty to 3 Million Rubles for Ethical Hackers in Bug Hunting Program

The company «Yandex» has doubled the maximum reward size in its » bug bounty» program. Now, white-hat hackers can earn up to 3 million rubles for reporting an error, provided they successfully identify a vulnerability in «Yandex Mail,» «Yandex ID,» or Yandex Cloud.

The reward amount varies based on the type of vulnerability discovered. The highest payout for «Yandex Mail» and «Yandex ID» will be 3 million rubles, specifically for Remote Code Execution (RCE) vulnerabilities, which allow malicious actors to execute harmful code within the system. Rewards have also increased for other types of vulnerabilities, such as SQL injections. «Yandex» will prioritize all reported critical errors and promptly address them.

For Yandex Cloud, rewards have also been raised to 3 million rubles for vulnerabilities that are specific to cloud services, such as Virtual Machine escapes.

Launched in 2012, the «bug bounty» program aims to provide Yandex services with an additional layer of security, ensuring the integrity of their protection systems.