Hackers fix 20 security flaws in cryptocurrency-related platforms in 2 weeks


 634 total views

White-hat hackers continue to rid blockchain projects of their bugs, having earned a minimum of $7,400 for fixing security flaws in popular cryptocurrency platforms like Monero and Stellar.

Seven cryptocurrency-related projects dished out rewards to blockchain hackers for finding and patching 20 software bugs in the past two weeks (between March 14 and 28), according to HackerOne data reviewed by Hard Fork.

Platforms Augur, Monero, ICON, and Stellar distributed bounties to security researchers – even services Crypto.com, Robinhood, and Omise recently paid hackers to fix up their code.

Which blockchain-related startup featured the most bugs this time?

Omise, the firm behind the OmiseGO cryptocurrency, topped the list with eight HackerOne vulnerability reports submitted in the past fortnight.

Blockchain-based prediction betting market Augur was found with three code-kinks equal to $2,850 in rewards, with one bug labeled “medium risk” worth $2,500 all by itself.

Digital asset wallet-slash-exchange service Crypto.com also fielded three reports, worth a combined $2,250.

Anonymity-focused altcoin Monero paid hackers twice for fixes. Interoperability blockchain ICON processed one patch worth $1,000. Stellar, too, paid just once, but the amount designated to the bounty remains undisclosed.

Robinhood (the company behind the stock trading app that began supporting cryptocurrency exposure last year), awarded bug bounties for two security fixes, however again, the details of those vulnerabilities were not disclosed.

Unfortunately, a great majority of the reports remain locked, and the few made public relate to minor bounties; small bugs that could have allowed users of Omise and Augur services to be maliciously redirected to dodgy sites.

Still, eight projects, 20 bugs and a minimum of $7,400 in payouts in just the last two weeks. It sounds bad (and it could be), but it’s pretty much par for the course at present.

Indeed, 43 bounties for security fixes in blockchain-related platforms were paid between February 13 and March 13, with a minimum of $23,675 paid to the hackers who patched them.

Read More


Blockcast.cc does not endorse any content or product on this page. While we aim at providing you all important information that we could obtain, readers should do their own research before taking any actions related to the company and carry full responsibility for their decisions, nor can this article be considered as investment advice or recommendations. Every investment and trading move involves risk, you should conduct your own research when making a decision.