On Tuesday, Sam Curry tweeted about the mysterious payment from Alphabet Inc.’s GOOGL, -0.74% Google. “It’s been a little over 3 weeks since Google randomly sent me $249,999 and I still haven’t heard anything about the support ticket. Is there any way we can get in touch with @Google?” He wrote. “It’s okay if you don’t want it back…” he quipped. Curry describes himself as an award-winning hacker and bug hunter in his Twitter bio. He works as a staff security engineer at Yuga Labs, the crypto and non-fungible token (NFT) specialist that created the famous Bored Ape Yacht Club NFT project. Opinion: Don’t dismiss Bored Apes — NFTs could prove a viable platform for sales and smart contracts NPR reports that Google made the payment as a mistake and notes that Curry sometimes does bug bounties for the tech giant and other companies. “Google did contact me and I’m going to the bank today to pay it off,” Curry told MarketWatch on Friday. MarketWatch has reached out to Google for comment on this story. Bug bonuses are paid by companies and other organizations when someone discovers a vulnerability in their systems and reports the vulnerability or “bug” back to them. Last year, for example, the Department of Homeland Security launched its “Hack DHS” program, which invited vetted cybersecurity researchers and ethical hackers to identify potential vulnerabilities in certain external DHS systems. In April 2022 the Department reported that more than 450 vetted researchers identified 122 vulnerabilities, 27 of which were deemed critical. DHS awarded a total of $125,600 in bounties, he said. Shares of Alphabet fell 0.9% before the market opened on Friday. The stock was down 29.0% year-to-date through Thursday, compared with the S&P 500 SPX, -1.08% which was down 18.2%.
