Hackers Get $1.9M in Bug Bounties at Live Hacking Sessions
More than 1,000 security bug bounty reports were submitted during a three-day live hacking event in Las Vegas. The total payout for the participating hackers was almost $2 million. Three organizations paid the money, one of them covering more than half of the total.
Called h1-702, the event is organized by Hacker One bug bounty platform and was at its fifth edition. 100 hackers from all over the world tested their skills at finding security flaws vulnerabilities.
Not just for experienced hackers
Over 1,049 bugs were submitted to participating companies and $1,902,668 was paid in rewards; a round $1 million came from Verizon Media, which is the highest payout from a single customer at a live hacking event.
"We consider our bug bounty researchers an extension of our team, and these live hacking events help us strengthen our relationships and empower our community" - Chris Holt, Senior Technical Security Engineer at Verizon Media
After the first night of the event, 637 reports had been submitted and over $745,000 were paid in bounties.
The event was not just for seasoned hackers, though. A mentorship program was also available, introducing attendees to security concepts, tools, the basics of the hacker mindset, and how various flaws work.
Compared to a regular bug bounty program, live hacking events are in-person and allow hackers and the security teams of participating organizations work together to identify and validate security flaws.
After three nights of hacking, one participant stood out as the most valuable hacker. That was Romanian national Cosmin Iordache, who earlier this year at a live hacking event in Singapore was able to find a bug in Dropbox and was rewarded with $23,000 for it.
First six millionaires
Founded in 2012, HackerOne has grown into a popular bug bounty program. Earlier this year, the platform announced that 19-year-old Santiago Lopez was the first hacker to make $1million from bug bounty reports.
Lopez was present at this year's edition and along with Ian Bouchard and Jon Colston won the top nightly honors.
Last week, the program announced that five more hackers reached the millionaire status through responsible vulnerability disclosure.
"Now, Mark Litchfield (â@mlitchfieldâ) from the U.K., Nathaniel Wakelam (â@nnwakelamâ) from Australia, FransRosen (â@fransrosenâ) from Sweden, Ron Chan (â@ngalogâ) from Hong Kong, and Tommy DeVoss (â@dawgygâ) from the U.S. joined the $1M hacker ranks by hacking for improved internet security,"
Gloss