A self-described hacker was randomly paid almost $250,000 by Google. He was baffled by the payment.
On Tuesday, Sam Curry tweeted about the mysterious payment from Alphabet Inc.’s
Google. “It’s been a little over 3 weeks since Google randomly sent me $249,999 and I still haven’t heard anything on the support ticket. Is there any way we could get in touch @Google?” he wrote.
“It’s OK if you don’t want it back…,” he quipped.
Curry describes himself as a hacker and a bug bounty hunter in his Twitter bio. He works as a staff security engineer at Yuga Labs, the crypto and non-fungible token (NFT) specialist that created the famous Bored Ape Yacht Club NFT project.
NPR reports that Google made the payment as a mistake and notes that Curry sometimes does bug bounty work for the tech giant and other companies.
“Google did indeed contact me and I’m going to head into the bank today to pay it back,” Curry told MarketWatch on Friday.
MarketWatch has reached out to Google with a request for comment on this story.
Bug bounties are paid out by companies and other organizations when someone discovers a vulnerability in their systems and reports the vulnerability, or “bug,” back to them. Last year, for example, the Department of Homeland Security launched its “Hack DHS” program, which invited vetted cybersecurity researchers and ethical hackers to identify potential vulnerabilities in certain DHS external systems.
In April 2022 the Department reported that more than 450 vetted researchers identified 122 vulnerabilities, 27 of which were determined to be critical. DHS awarded a total of $125,600 in bounties, it said.
Alphabet shares were down 0.9% before the market open on Friday. The stock has dropped 29.0% year to date through Thursday, compared with the S&P 500 index
which has dropped 18.2%.