Sunday, October 25, 2020
HackerOne Pays $20K to User who Hacked its Own Platform

Hacker-powered security is a technique that utilises collaboration with the hacker community to find unknown security vulnerabilities and reduce security risk. Popular examples include bug bounty programmes and vulnerability disclosure policies.

Facing an embarrassing situation, San Francisco-based HackerOne, a vulnerability coordination and bug bounty platform that boasts clients like Starbucks, Instagram, Goldman Sachs, Twitter and Zomato, has paid $20,000 to a user who exposed a vulnerability in its own bug bounty platform.

The vulnerability was exposed by a user with the handle “haxta4ok00”, who has now been paid $20,000 by HackerOne.

“A hacker had access for a short time to information relating to other programmes running on the HackerOne platform.

“Less than 5 per cent of HackerOne programmes were impacted, and those programmes were contacted within 24 hours of report receipt,” HackerOne said in a statement this week.

The hacker and HackerOne community member posted a report to the bug bounty platform: “I can read all reports @security and more programmes.”

[Image: While 85 per cent of people own a smartphone, 54 per cent believe the technology is spying on them. Credit: Pixabay]

HackerOne responded: “We didn’t find it necessary for you to have opened all the reports and pages in order to validate you had access to the account. Would you mind explaining why you did so to us?”

Haxta4ok00 said: “I did it to show the impact. I didn’t mean any harm by it. I reported it to you at once. I was not sure that after the token substitution I would own all the rights. I apologise if I did anything wrong. But it was just a white hack.”

In August this year, HackerOne revealed that hackers earned $21 million in just a year reporting vulnerabilities via various bug bounty opportunities as governments’ efforts to fix malware increased a whopping 214 per cent globally.

Food delivery platform Zomato has paid more than $100,000 (over Rs 70 lakh) to 435 hackers to date for finding and fixing bugs on its platform.

With the help of HackerOne’s bug bounty programme since July 2017, Zomato has successfully resolved 775 vulnerability reports.

Hacker-powered security is a technique that utilises collaboration with the hacker community to find unknown security vulnerabilities and reduce security risk. Popular examples include bug bounty programmes and vulnerability disclosure policies. (IANS)
