Home / Blockchain / Hackers earned almost $ 1 million in blockchain Bug Bounties in 2018

Hackers earned almost $ 1 million in blockchain Bug Bounties in 2018

The year 2018 has seen users of cryptocurrency and enthusiasts lose a lot of money. The year started with a capitalization of over $ 800 billion and is ending with only $ 130 billion.

There is no doubt that the bear market has been strong and for those who have refused to sell, they are very likely under water. However, despite the massive sell-off, there are people who have benefited well during these difficult market conditions.

These people sold the top, shorted the tops, desired the dives or successfully hacked software to find blockchain bugs.

For those of you who do not know it, l & # 39; hacking it can be a very profitable business even if performed legally. According to statistics from the disclosure platform of violations HackerOne, cryptographic hackers have compensated $ 878,000 for just this year.

Security in the Blockchain ecosystem

Although many are blockchain and cryptocurrency due to their strength and security, much of the software and technology is still very new. Users have lost millions of dollars to hackers exploiting code bugs and two of the biggest and most popular hacking events involved two cryptocurrency exchanges, the mountain. Gox and Coincheck.

Following these hacks, cryptographic exchanges, wallets, and services contained bug bugs that rewarded hackers for finding software bugs in their systems. They did it to improve safety standards and to ensure that they keep customers' funds safe and secure.

Second TheNextWeb, blockchain companies have received at least 3,000 vulnerability reports this year and about $ 600,000 in bug sizes already issued by August.

Further reports from HackerOne reveal that almost 4% of all bugs sizes Paid by the platform this year came from cryptocurrency and blockchain related companies. The most interesting thing is that these types of companies have totaled only 64 of the 2000 companies that were part of the platform and have achieved the greatest gains.

A spokesman for HackerOne further revealed:

The average size for all blockchain companies in 2018 was $ 1490, which is higher than the Q4 platform average of around $ 900. One of the best hacker cryptographers has earned 7 times the median salary of the software engineer respectively in their country.

The biggest bug bug payment

Although HackerOne hosts 64 cryptographic and blockchain companies on their platform, only 1 company handles over 60% of the bug bonuses. Block.one, the company behind the EOS cryptography project awarded hackers $ 530,000 in 2018.

Block.one's hacking program was launched in May, and shortly thereafter a hacker received $ 120,000 in bug bonuses.

Till now, EOS it ranks as the highest-paid blockchain company in the HackerOne program. In previous years it was Coinbase with $ 290,000 in bug rewards followed by TRON with $ 76,200 in payments.

Notable bugs found in 2018

They call Bitcoin the safest and most reliable blockchain that exists as it has been around for 10 years. However, this year someone discovered a critical bug with paralyzing capabilities in Bitcoin's core code in which it could have been used to inflate the Bitcoin supply to over 21 million.

Surprisingly, the Bitcoin bug was discovered by a Bitcoin Cash developer, Awemany, who reported it to the Bitcoin developers, where they quickly resolved the vulnerability.

Another notable bug, this time for Bitcoin Cash was a bug that made it possible to split the BCH chain into two incompatible chains. Corey Fields, who works at the MIT Media Labs Digital Currency Initiative (DCI), discovered this bug.

As for the bugs on Ethereum, HackerOne said that about 34,000 smart contracts on the Ethereum network were vulnerable to malicious activities. However, this number is not too surprising considering the number of cryptocurrency projects built on Ethereum.

Do you think bounty bugs are a good idea or could they lead hackers to exploit vulnerabilities? Let us know what you think in the comments section below.

Source link