{"id":810098,"date":"2024-12-04T22:45:28","date_gmt":"2024-12-05T04:45:28","guid":{"rendered":"https:\/\/newsycanuse.com\/index.php\/2024\/12\/04\/record-breaking-2-million-bounty-offered-to-crypto-com-hackers\/"},"modified":"2024-12-04T22:45:28","modified_gmt":"2024-12-05T04:45:28","slug":"record-breaking-2-million-bounty-offered-to-crypto-com-hackers","status":"publish","type":"post","link":"https:\/\/newsycanuse.com\/index.php\/2024\/12\/04\/record-breaking-2-million-bounty-offered-to-crypto-com-hackers\/","title":{"rendered":"Record-Breaking $2 Million Bounty Offered To Crypto.com Hackers"},"content":{"rendered":"<div>\n<figure role=\"presentation\"><figcaption><fbs-accordion><\/p>\n<p>HackerOne and Crypto.com announce biggest ever bug bounty.<\/p>\n<p><\/fbs-accordion><small>getty<\/small><\/figcaption><\/figure>\n<p>With 100 million users across 90 countries worldwide, Singapore-based Crypto.com is one of the world\u2019s biggest crypto trading platforms. As you might imagine, then, trust is a central pillar supporting everything the organization does, and the foundations of that trust are built around security and privacy. This security-first philosophy is highlighted in the promise that security and privacy are built into the business by design and default. \u201cWe drive a zero trust, defense in depth security strategy across our systems and platforms,\u201d Crypto.com states, \u201cto continually strengthen our security posture, we invest heavily in ongoing security and privacy awareness training for all staff.\u201d And now it\u2019s investing heavily in hackers, to the record-breaking tune of $2 million. 
Here\u2019s what you need to know.<\/p>\n<p><a href=\"https:\/\/www.forbes.com\/sites\/daveywinder\/2024\/11\/29\/new-warning-as-venture-capitalist-scammers-net-1-billion-in-crypto\/\" target=\"_blank\" aria-label=\"Venture Capitalist Attacks Net $1 Billion In Crypto\u2014What You Need To Know\" rel=\"noopener noreferrer\" data-ga-track=\"forbesEmbedly:https:\/\/www.forbes.com\/sites\/daveywinder\/2024\/11\/29\/new-warning-as-venture-capitalist-scammers-net-1-billion-in-crypto\/\"><span><span>Forbes<\/span><span>Venture Capitalist Attacks Net $1 Billion In Crypto\u2014What You Need To Know<\/span><small>By <span>Davey Winder<\/span><\/small><\/span><span><span><\/span><\/span><\/a><\/p>\n<h2>Crypto.com Ups The Ante When Investing In Hackers To Find Security Issues Before They Can Be Exploited By Cybercriminals<\/h2>\n<p>Crypto.com is not new to the world of bug bounty platforms; it has had a presence on the HackerOne platform since May 2018, after all. In that time, it has paid out a total of $539,130 in <a href=\"https:\/\/www.forbes.com\/sites\/daveywinder\/2024\/08\/28\/google-chrome-hackers-offered-new-250000-payday\/\" target=\"_self\" title=\"https:\/\/www.forbes.com\/sites\/daveywinder\/2024\/08\/28\/google-chrome-hackers-offered-new-250000-payday\/\" data-ga-track=\"InternalLink:https:\/\/www.forbes.com\/sites\/daveywinder\/2024\/08\/28\/google-chrome-hackers-offered-new-250000-payday\/\" aria-label=\"bounties to hackers\">bounties to hackers<\/a>, with the top bounty range, according to <a href=\"https:\/\/hackerone.com\/crypto?type=team\" rel=\"nofollow noopener noreferrer\" target=\"_blank\" title=\"https:\/\/hackerone.com\/crypto?type=team\" data-ga-track=\"ExternalLink:https:\/\/hackerone.com\/crypto?type=team\" aria-label=\"HackerOne\u2019s own statistics\">HackerOne\u2019s own statistics<\/a>, being in the $3,759 &#8211; $40,000 bracket. 
That could all be set to change, and how.<\/p>\n<p>That existing bug bounty program is being updated so that the maximum amount payable to hackers who are successful in finding certain types of security vulnerabilities is now a truly whopping $2 million. In case you need some perspective for just how important a milestone this is, it represents the biggest bug bounty ever offered by HackerOne since it was founded in 2012.<\/p>\n<p><a href=\"https:\/\/www.forbes.com\/sites\/daveywinder\/2024\/11\/27\/the-us-government-confirms-it-hacked-itself-12-times\/\" target=\"_blank\" aria-label=\"The U.S. Government Just Hacked Itself\" rel=\"noopener noreferrer\" data-ga-track=\"forbesEmbedly:https:\/\/www.forbes.com\/sites\/daveywinder\/2024\/11\/27\/the-us-government-confirms-it-hacked-itself-12-times\/\"><span><span>Forbes<\/span><span>The U.S. Government Just Hacked Itself<\/span><small>By <span>Davey Winder<\/span><\/small><\/span><span><span><\/span><\/span><\/a><\/p>\n<p>\u201cSecurity and compliance are at the foundation of everything we do at Crypto.com,\u201d Kris Marszalek, CEO of Crypto.com, said, \u201cas our business and the industry continue to grow, it\u2019s critically important that we remain focused on our core principles, and this new bounty program does that by setting a new bar.\u201d Setting a new bar is something of an understatement in my opinion; this new bounty ceiling lays down a challenge to other organizations that asks how seriously do they really take security beyond the buzzwords and marketing?<\/p>\n<h2>Raising The Standard For How Organizations Should Engage With And Reward Hackers<\/h2>\n<p>If you are not used to the business of hacking then discovering that HackerOne has a chief hacking officer might come as something of a surprise, but here we are. That position is held by Chris Evans, who also holds the more common title of chief information security officer. 
\u201cThe top programs on our platform do not just follow our best practices,\u201d Evans said, \u201cbut continuously raise the standard for how all organizations should engage with and reward ethical hackers.\u201d<\/p>\n<p>Crypto.com has something of a track record when it comes to security assurance, what with being the first \u201cvirtual asset platform\u201d to gain multiple security certifications across all platforms. But chief information security officer, Jason Lau, said \u201cwhile we have dedicated significant efforts to achieve top-tier security certifications, maintaining security assurance requires continuous focus and improvement.\u201d<\/p>\n<p><a href=\"https:\/\/www.forbes.com\/sites\/daveywinder\/2024\/11\/27\/is-your-router-in-the-matrix-35-million-devices-under-blue-pill-attack\/\" target=\"_blank\" aria-label=\"Are You Already In The Matrix\u201435 Million Devices Under Blue Pill Attack\" rel=\"noopener noreferrer\" data-ga-track=\"forbesEmbedly:https:\/\/www.forbes.com\/sites\/daveywinder\/2024\/11\/27\/is-your-router-in-the-matrix-35-million-devices-under-blue-pill-attack\/\"><span><span>Forbes<\/span><span>Are You Already In The Matrix\u201435 Million Devices Under Blue Pill Attack<\/span><small>By <span>Davey Winder<\/span><\/small><\/span><span><span><\/span><\/span><\/a><\/p>\n<p>Which is why Crypto.com has been a respectful partner with the hacking community, which it sees as an extension to its internal security team, through the HackerOne platform. \u201cDeepening our relationship with HackerOne through this milestone,\u201d Lau concluded, \u201cand setting this landmark bounty underscores our commitment to enhancing safeguards and consumer protection.\u201d<\/p>\n<h2>Go Get \u2018Em, Hackers\u2014How To Earn That $2 Million Crypto.com Bounty<\/h2>\n<p>Which just leaves the question of whether any hackers have what it takes to grab that $2 million bounty? 
According to the rules of engagement for this extreme bounty range, the $2 million reward is for in-scope vulnerabilities against the platform that \u201ccould result in a significant loss of funds or a data breach.\u201d What Crypto.com doesn\u2019t do, however, is outline precisely what criteria need to be met as, it said, these are extreme edge cases. Broadly speaking, though, hackers might expect to get the big payout, in a combination of traditional fiat funds and cryptocurrencies, for finding vulnerabilities that \u201ccould result in a quick and immediate loss of over $1 million in funds\u201d to Crypto.com or its users, or that could dump customer information en masse. Go get \u2018em, hackers.<\/p>\n<p><a href=\"https:\/\/www.forbes.com\/sites\/daveywinder\/2024\/11\/21\/now-hackers-are-using-snail-mail-in-cyber-attacks-heres-how\/\" target=\"_blank\" aria-label=\"Now Hackers Are Using Snail Mail In Cyber Attacks\u2014Here\u2019s How\" rel=\"noopener noreferrer\" data-ga-track=\"forbesEmbedly:https:\/\/www.forbes.com\/sites\/daveywinder\/2024\/11\/21\/now-hackers-are-using-snail-mail-in-cyber-attacks-heres-how\/\"><span><span>Forbes<\/span><span>Now Hackers Are Using Snail Mail In Cyber Attacks\u2014Here\u2019s How<\/span><small>By <span>Davey Winder<\/span><\/small><\/span><span><span><\/span><\/span><\/a><\/p>\n<\/div>\n<p><a href=\"https:\/\/www.forbes.com\/sites\/daveywinder\/2024\/12\/03\/record-breaking-2-million-bounty-offered-to-cryptocom-hackers\/?ref=biztoc.com\" class=\"button purchase\" rel=\"nofollow noopener\" target=\"_blank\">Read More<\/a><br \/>\n Davey Winder<\/p>\n","protected":false},"excerpt":{"rendered":"<p>HackerOne and Crypto.com announce biggest ever bug bounty. getty With 100 million users across 90 countries worldwide, Singapore-based Crypto.com is one of the world\u2019s biggest crypto trading platforms. 
As you might imagine, then, trust is a central pillar supporting everything the organization does, and the foundations of that trust are built around security and privacy.<\/p>\n","protected":false},"author":1,"featured_media":810099,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[308,4368],"tags":[],"class_list":{"0":"post-810098","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-million","8":"category-record-breaking"},"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/810098","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/comments?post=810098"}],"version-history":[{"count":0,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/810098\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media\/810099"}],"wp:attachment":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media?parent=810098"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/categories?post=810098"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/tags?post=810098"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}