White hat hackers are quietly emerging: repairing 20 cryptocurrency vulnerabilities in a month and winning $23,675

As the saying goes: "There is no wall that is not airtight." There are no applications without security holes in the world. Only large enterprises will reduce security vulnerabilities through strict programming specifications and adequate testing, but people will make mistakes. The program does not guarantee 100% security.

What should I do if I encounter a security breach? Traditional applications benefit from a centralized architecture that immediately stops the service, fixes the vulnerability, and rolls back to a normal state to minimize the impact of the security breach. The cryptocurrency is decentralized, it is unlikely to roll back the transaction, and the cryptocurrency involves real money , which is easy to be targeted by hackers.

As a result, many cryptocurrency projects have begun to take a different approach. Instead of facing a security breach that could cause huge losses, why not spend a small amount of money to hire hackers to fix vulnerabilities for themselves? In this way, hackers can go to the table to win honors and bonuses with their own skills. It can be said that this is the best of both worlds.

However, such a result can be said to be, do not check do not know, a check scared. Here to sell the first, I want to know how serious the security of these cryptocurrency projects , let us find the answer in the article.

White hat is quietly rising

Nowadays, white hat hackers have become a trend to fix security vulnerabilities for cryptocurrency projects. According to incomplete statistics, in the past two weeks (March 14 to March 28) Monero and stellar coins ( Stellar and other popular cryptocurrency platforms have given hackers who fix security vulnerabilities at least $7,400 in rewards .

According to data from the vulnerability disclosure platform HackerOne, in the past two weeks, hackers have fixed seven security vulnerabilities in cryptocurrency-related projects and won the platform's rewards.

These “golden” platforms include the decentralized forecasting market platform Augur, Monroecoin, ICON, which is known as the Ethereum in Korea, the stellar currency, and even the cryptocurrency trading platform Crypto.com , which is newly added to the cryptocurrency trading field. The trading platform Robinhood and the V God platform are known as Omise for the blockchain version of Alipay.

These platforms are still in the rapid development of the business, and security vulnerabilities are inevitable, but which platform is the most identified security vulnerabilities?

In the past two weeks, Omise, the operating company behind the cryptocurrency OmiseGO, has received eight copies of the HackerOne security vulnerability , ranking first in all platforms.

Based on the blockchain-based decentralized forecasting market platform, Augur was identified with three security vulnerabilities and a total of $2,850 in rewards, including a “medium-risk” security breach of $2,500.

Crypto.com, a cryptocurrency trading platform, also received three reports of security vulnerabilities, with bonuses totaling $2,250.

Number of security vulnerability reports received by each cryptocurrency-related platform

The cryptocurrency Monroe coin with anonymity as a selling point paid hackers two rewards for fixing security vulnerabilities. In Ethereum in South Korea, ICON, a cryptocurrency currency with interoperability as a selling point, paid a $1,000 repair security vulnerability award. The stellar coin also paid a sum, but the specific amount of the award has not been disclosed.

Robinhood, an operating company that started supporting traditional stock trading applications that used cryptocurrency trading last year, paid hackers two rewards for fixing security vulnerabilities, but the details of these vulnerabilities have not been disclosed.

Unfortunately, most of the security vulnerability reports are still in a state of confidentiality. Currently, there are some low-risk security vulnerabilities that are rarely reported in the bounty. For example, the Omise platform and the Augur platform have a security vulnerability. Users When you open its official website, you may be maliciously redirected to a fake website by a hacker.

In the current data alone, in the past two weeks, hackers have fixed 20 security vulnerabilities in seven cryptocurrency-related projects and received at least $7,400 in rewards.

This data is sensational, and this is still a normal phenomenon. In fact, during the month of February 13 to March 13, the number of security voucher repair bonuses paid by cryptocurrency-related platforms to hackers reached 43. Pen, the amount is at least $23,675 .

Encrypted currency security, high mountain road

In general, once a company encounters a fatal security breach, it will choose to pay a large amount of sealing fees. The security vulnerabilities that ordinary people can access are few and far between, even in this case, the data is amazing.

This can not help but cast doubt on the security of cryptocurrency projects. So, these emerging cryptocurrency projects still have a long way to go…

Source | TNW

Compilation | Guoxi

Produced | Blockchain Base Camp (blockchain_camp)

We will continue to update Blocking; if you have any questions or suggestions, please contact us!

Share:

Was this article helpful?

93 out of 132 found this helpful

Discover more

Market

Jump Trading's Crypto Waterloo: Forced to Exit US Crypto Trading Market, Facing Terra Class Action Lawsuit

For Jump Trading, the traditional high-frequency trading giant in the encryption circle, the past year has undoubtedl...

Market

Dialogue with Circle CEO How can USDC recover the market lost due to SVB's bankruptcy?

In this interview, Laura Shin and Jeremy Allaire discussed various topics including Coinbase's investment in Circle, ...

Finance

The Block Editor-in-Chief 5 Innovative Projects Worth Paying Attention to

Promising emerging projects include derivatives protocols, governance platforms, and infrastructure, among others. Au...

Blockchain

Hong Kong Stock Exchange with cross-border marriage: will enter digital asset trading within three years

On September 11, the Hong Kong Stock Exchange suddenly announced that it intends to issue a merger proposal to the Lo...

Blockchain

Data decreased slightly, rumors triggered a single-day net outflow of Binance

From the data of the past week (02.17-02.23), compared with the previous week (02.10-02.16), all the data have slight...

Blockchain

The compliance exchange is about to appear in Singapore?

On December 18, 2019, the official website of the Monetary Authority of Singapore (hereinafter referred to as "M...