Project Zero: Google is Paying $200K for Hacking the Nexus 6P and Nexus 5X


In what is dubbed Project Zero Security Contest, Google is ready to part with up to $200,000 for anyone who successfully hacks the Google Nexus 6P or the Nexus 5X.

This is not a new thing in the tech industry, but Google’s decision to offer such a huge sum of money for someone who breaches its 2015 handsets shows at how the company is committed to ensuring that its devices are extremely secure. The Project Zero Security Contest went live on Tuesday this week and it will be on until March 14, 2017. So, you still have the time to win yourself a cool 200k as long as you have what it takes.

Nexus 6P

Google’s Android OS has been labeled as unsecure on many occasions, especially with respect to diehard iOS fans, due to its open-ended nature. However, over time of its existence, the search engine giant has upped the game to a point that it is ready to give out a huge cash prize to any contestant who can hack its most recent handsets – Google Nexus 6P and Nexus 5X – with the only details supplied being the email address as well as phone number of the handsets.

In order for the hack to occur, one must open an SMS message via Messenger or an email via Gmail. There is no other user interaction allowed past this. In addition, those taking part will use the same bug on both the Nexus 6P and Nexus 5X, unless it exploits a security feature that lacks on one phone and is available on the other. In such cases, the use of unique bugs is allowed.


There are three prizes for successful hackers of the Google Nexus 6P or Nexus 5X. The winner gets $200,000 while the runners up gets $100,000. The third prize is $50,000. Remember, winners will still be needed to present a technical report that describes the entire entry and it will be published on the official Project Zero blog for everyone to see it.

As noted earlier, this is a contest for those who think they’ve got what it takes. So, if you are one of them, check out for the official rules here.

One thought on “Project Zero: Google is Paying $200K for Hacking the Nexus 6P and Nexus 5X”

  1. The hack does not *requre* that a user open an SMS or gmail email, but that user interaction is allowed (and none past that). So basically if the attacker can gain access to the devices internal storage without any user interaction that would be preferable, but unlikely. Assuming the user will open an sms to activate the payload (or an email) is simply a provision in the rules. I read your article that it was required the target open an sms or gmail.

Share your comments here