A $30,000 Reward for Discovering Bug in the Coinbase Exchange

Last Modified:12 May 2020 17:28:27
A $30,000 Reward for Discovering Bug in the Coinbase Exchange

The Hackerone website is one of the largest and most well-known websites among developers and hackers, and it provides reward-giving programs which works toward discovering vulnerabilities and fixing them. According to the announcement by Hackerone which was published on behalf of Coinbase, this website has said that it will give an award of $30,000 to the person who is able to find a serious software error in Coinbase website. It is paid by Coinbase, a large American cryptocurrency exchange, and wallet services provider.

Coinbase is one of the largest cryptocurrency exchanges, and according to the published news, it is the second largest investor in holding bug bounties competitions. This exchange has paid $290381 in rewards.

On February 11, someone won the reward Coinbase had announced in Hackerone website, after discovering a software problem in this exchange’s system. However, this problem is not publically explained in Hackerone website.

According to reports published by The Next Web website, it turned out that Coinbase has accepted this software problem without referring to its details. Of course, this problem has been solved so far.

The Amount of Announced Reward for Discovering Vulnerability

The four-stage reward-giving system of Coinbase showed that the discovered software problem vulnerability had been very serious and dangerous. This system rewards developers based on the seriousness of the problem as follows:

- $200 for low vulnerability

- An average of $2000 for medium vulnerability

- $15000 for high vulnerability

- $50,000 for critical problems

Coinbase exchange defines critical problems in the award-giving system as follows:

“critical problems are vulnerabilities of the system that allows hackers to read and change sensitive data. Also, hackers will be able to run any code they like and engage in stealing cryptocurrencies or fiat money.”

On the other side of critical problems are low-level problems that do not allow hackers to infiltrate data, and in them, the sensitivity and breach of data is relatively low.

The reward-giving system announced its fourth given award. In 2019, a Dutch company claimed that it has succeeded in finding a small vulnerability in the small contract and received an award of $10,000 for identifying this vulnerability. This discovered vulnerability let the hackers steal an indefinite amount of Ethereum.

According to the reports recently published by the news website Cointelegraph, EOS company is going to work toward developing the Blockchain for EOS cryptocurrency, which is the fourth valuable cryptocurrency in the market. So far, this company has paid a couple of $10,000 rewards for discovering critical vulnerabilities. The technology news website The Next Web announced that in 2018, white hat hackers were able to receive $878,000 in bug bounties.

The blockchain is a distributed, encrypted, and secure infrastructure. Cryptocurrencies came to existence based on the Blockchain technology.

Bug bounties is a kind of competition in which companies which have a software production and development program, invite hackers to hack their software and make their vulnerabilities known. Furthermore, these companies can fix the problem of software before they are exploited.

www.counos.io