Mobile bug bounty always seemed like an area that was presented as a niche or an opportunity in the bug bounty world. Yet, personally, I never really spent much time on it. One reason was that I assumed many bugs would require an app to be installed on the victim’s device, making the attack scenario difficult to achieve. I wanted to see for myself whether that’s true and what kinds of mobile bugs can actually earn good bounties so I made this case study.