Are you a malicious hacker looking for a path to redemption? It turns out that you can get paid for using your sweet skills to save the world–so-called ”white-hat” hackers have managed to rack up $32,150 in profits by identifying and fixing security flaws in popular crypto networks and services in the last seven weeks alone.
Hard Fork reported yesterday that at least 15 blockchain-related companies (including Coinbase, TRON, Brave, Augur, Omise, and EOS) distributed financial rewards to these white-hat hackers working through HackerOne, a bug bounty platform, between March 28th and May 16th.
Omise reportedly paid out rewards for the most fixes (6) over this period. Augur and Brave came in second place with three bounties paid each.
Many of the rewards are for small amounts–the majority of Omise’s payments, for example, were for around $100 each. But some of the rewards can be quite large–both the Aeternity Network and Block.One (the company behind the EOS network) distributed a reward of $10,000 to a hacker for a single bug.
Can ODPs Bring Transparency to South Africa’s FX & Derivatives Industry?Go to article >>
TRON paid out a $3100 award to the hacker who found that the network was vulnerable to being bombarded with malicious smart contracts, a flaw that could have completed dammed transactions on its blockchain.
For a Hacker Trying to Make a Profit, It’s Good to Be Bad
Off of the platform, white-hat hackers can be a little less ethical. In some situations, the bounty paid on each bug found is determined by the hacker who finds it; sometimes, hackers who find bugs will hold the findings hostage in exchange for a ransom; if the company doesn’t pay up, the hacker may reveal the bug to the world.
And of course, other hackers are not interested in helping with fixing problems in crypto networks at all. Earlier this month, 7000 BTC (worth $55 million at press time) was stolen from cryptocurrency exchange Binance after hackers discovered and exploited a vulnerability in its infrastructure.
Binance runs its own bug bounty program that awards white-hat hackers with up to $100,000 for a single vulnerability.