Bug bounty platform HackerOne announced that two of its members have each earned more than $1 million by participating bug bounty programs.
Bug bounty programs could be a profitable activity, the popular bug bounty platform HackerOne announced that two of its members have each earned more than $1 million by helping companies in discovering flaws in their systems.
Of course, we are speaking of two white hat hackers that dedicate their time to finding vulnerabilities.
HackerOne on Friday published the 2019 Hacker Report, which provides interesting info on its bug bounty programs. Over 300,000 white hat hackers have registered on the platform that awarded over $42 million in bounties for more than 100,000 vulnerabilities.
“The Hacker Report details the more than 300,000 individuals that represent our hacker community today.” reads the report.
“$19 million in customer bounties earned in 2018 represent nearly the bounty totals for all preceding years combined. At the end of 2018, hackers had earned more than $42 million for valid results.”
The first white hat hacker that was able to earn over $1 million through HackerOne programs was Santiago Lopez from Argentina. Lopez is a 19-year-old hacker goes online with the moniker ‘try_to_hack,’ is a member of the HackerOne platform since 2015. The young hacker has already discovered thousands of vulnerabilities through the platform, including flaws in Twitter and Verizon Media services.
“Like many hackers, Lopez is self-taught. He was first inspired to get started after seeing the movie Hackers and learned to hack by watching free online tutorials and reading popular blogs. In 2015, at 16-years-old, he signed up for HackerOne and earned his first bounty of $50 months later. He chose his alias “try_to_hack” to keep himself motivated — he was determined to try to hack companies regardless of whether he knew he could succeed. He keeps the name today to remind him of how he started as a bug bounty hacker.” reads a post published by the Associated Press.
“Over the past three years of hacking after school and now full-time, he has earned nearly forty times the average software engineer salary in Buenos Aires on bug bounties alone.”
The second white hat hacker who made the headlines earning over $1 million is Mark Litchfield, which goes online with the moniker ‘mlitchfield.’ Litchfield discovered hundreds of vulnerabilities in the software from major firms, including Dropbox, Yelp, Venmo, Starbucks, Shopify and Rockstar Games.
Among the most interesting surprises emerged in the report is the increase of the members of from African countries.
Most of the hackers are under the age of 35 and 81% claim to have learned to hack on their own
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.