Even if most security researchers do have a vested interest in reporting vulnerabilities through the proper channels to allow vendors to fix them and make the Internet safer, so-called bug bounties – payments for such reports – can act as extra added incentive.
Read more here:
http://www.technewsworld.com/story/81695.html