FCU US, formerly Chrysler Group, has put up a bounty and called upon cybersecurity researchers to poke around and find holes in the security systems of their vehicles.
FCA US has put up a bounty program on Bugcrowd, an online community of cybersecurity researchers. The program stated few rules which includes providing FCA US all the information needed to replicate and validate the discovered security vulnerability. Of course the company also asks that the bounty hunters not destroy data, modify access, interrupt FCA US services and keep data that does not belong to them, reports TechCrunch.
In return for dutifully following the set guidelines, bounties that range from $150 to $1,500 per bug are up for grabs depending on the severity. FCA US has also promised that no legal action will be taken against the cybersecurity researchers nor will law enforcement investigate any of the participants of the program.
One of the main goals for this bug hunt is to find vulnerabilities in the UConnect systems. Particularly apps for Android and iOS. In a nut shell, the company is asking researchers to hack into the FCA US vehicles and compromise its cybersecurity with whatever tools the participants have on hand and get paid doing it.
Check out this link for more details on the program parameters. Alfred Bayle