Google offers bounty for Chrome vulnerabilities

Google is looking to bring more third-party researchers onboard

Google is offering cash rewards to security researchers who find flaws in its Chrome web browser.

The company will pay $500 to $1,337 (£314 to £840) to developers who find and directly report security holes. The $1,337 amount is an apparent homage to the hacker term 1337 (pronounced 'leet' and meaning 'elite').

The payment system will apply to flaws in the Chromium open-source project, along with the browser and bundled components such as Google Gears.

Google Chrome security team member Chris Evans said in a blog post that Google is looking to bring more third-party researchers onboard.

"Some of the most interesting security bugs we've fixed have been reported by researchers external to the Chromium project," he wrote.

"Thanks to the collaborative efforts of these people and others, Chromium security is stronger and our users are safer."

Paying researchers for the disclosure of flaws is a tactic used by developers and security vendors to encourage research and responsible disclosure.

Companies hope that the cash rewards will persuade researchers to report flaws to those who will patch them, rather than malware writers who pay for new vulnerabilities to exploit.