In April we announced a Mobile bonus reward program for researchers that submitted valid, non-duplicate mobile vulnerabilities for a chance to win $1000, and in early June we expanded the program to two bonuses. We are excited to announce our two winners, and congratulate putsi and robinooklay for their mobile submissions!

We got a great response with the bonus program and have new public bounty programs with mobile targets, so we’ve decided to run it again! The details are as follows:

  • From July 1st through September 30th, 2016, every valid and non-duplicate mobile vulnerability submitted will be entered into a raffle to win one of two cash prizes, $1000 each.
  • Each valid submission equals an additional entry into the contest, so if you’ve submitted five valid bugs you will have five entries to win $1000! (By submitting valid mobile vulnerabilities, you may also qualify to receive invitations to private mobile testing programs.


How to Get Started:

  1. Whenever you’re ready, email us at and let us know that you are interested in Android / iOS / BlackBerry / Windows Phone mobile app testing.
    1. Please specify what physical hardware you have access to test on (i.e. iPhone, iPad, WinPhone, etc.)
    2. If you’re new to mobile app testing, let us know and we can send additional online resources to help you get started.
  2. In the meantime feel free to start testing on the following public programs that we currently have running with mobile targets:

New to Mobile hacking or got the skills but want to multiply them? Bugcrowd’s Director of Technical Operations Jason Haddix has compiled a great resource for Mobile testers and developers alike in his Mobile App Security Resources Kit.

As always, feel free to reach out with questions, and Happy Mobile Hunting!!