The breach disclosure platform HackerOne confirmed that more than 3,000 vulnerabilities were reported and hackers were rewarded with $878,504 in bug bounties during this year.
Two thousand eighteen was a challenging year for the cryptocurrency world and faced many hacker attacks, market crashes, and losses. However, a massive industry like this can’t be killed so easily. Noticing the increasing attempts to steal investor’s funds, the crypto organizations are trying to take back the control by rewarding hackers who can spot vulnerabilities.
During 2018 hackers reported more than 3,000 vulnerabilities and the total sum of bug bounties rewards received until the end of August was $600,000.
The Top 3 blockchain organizations rewarded with bug bounties are:
(Take note that rewards before 2018 are included.)
1. The creator of EOS – Block.one is in the first place, accounting for 60% of all bounties handed out during this year. The total price of all rewards worth $534,500.
2. Right after Block.one is the leading cryptocurrency exchange – Coinbase with $290,381 awarded in the form of bug bounties.
3. In third place is one of the largest blockchain-based operating systems – TRON handing out rewards amounting to $76,200.
Compared to Coinbase which has been running disclosure programs since 2014, Block.one showed way much better results by launching its disclosure program at the end of May this year. A single hacker received the first reward only a few months after the launch which was worth $120,000.
According to a spokesperson from HackerOne “Nearly 4 percent of all bounties awarded on HackerOne in 2018 were from blockchain and cryptocurrency companies.”. The same person told Hard Fork that “The average bounty for all blockchain companies in 2018 was $1490, that is higher than the Q4 platform average of around $900.” Followed by “One of the top paid crypto hackers earned 7X the median software engineer salary in their country respectively.”
How big is the blockchain bug problem?
In the same interview with Hard Fork, HackerOne told that until the moment there are only 64 blockchain companies on the platform from more than 2000 various crypto companies out there. These statistics show that the bug problem is more significant than it seems and the real number of vulnerabilities may be higher than expected.
It’s important to keep in mind that earlier this year, crippling vulnerabilities were found in Bitcoin and Bitcoin Cash, and more than 34,000 vulnerable smart contracts were reported in Ethereum-based projects.
While making an investment plan for next year, there is only one question to ask reflecting on the above facts – “Will the crypto industry take measures to prevent its investors from losses and assure better security?”