Coinbase is the world’s largest cryptocurrency exchange. It recently announced that the company will participate in HackerOne’s “Hack the World” competition. With a winning prize of $50,000, coinbase has taken this action to extend its bug bounty program and to show the world that the company has top notch security.
Also Read: You can now purchase bitcoins instantly
Bug bounties
Introducing bug bounties is a way for companies to find loopholes in their security system. Hackers from all over the world participate to discover code issues and security loopholes in the company’s system. Therefore, upon successful discovery, hackers are rewarded through these bounties.
Philip Martin, head of security at Coinbase said:
“We’re thankful to all the security researchers who have worked hard to find and report vulnerabilities.”
He further added:
“Instead of researchers facing a choice between using a vulnerability themselves, selling a vulnerability to 3rd parties or giving a vulnerability away for free, bounties present a good, legal, risk-adjusted return for the time invested by a researcher.”
Up till now, Coinbase has discovered 73 vulnerabilities in its system. Emphasizing bounties, Martin said:
“De-criminalize the actions of good-faith security researchers, while still forbidding malicious hacking. Over five years, the exchange has paid out $176,031 in bounties to 223 researchers across 346 valid reports out of a total of 3101 reports submitted”
Quick Read: Ledger partners with Intel
Hack The World
Hosted by HackerOne, Hack the World invites hackers from all around the world with one specific goal: to hack! In addition, the event is sponsored by different companies like Uber, Github, Airbnb, Mapbox and Dropbox.
Different prizes up for the grab
The competition offers different tasks and different prizes on the completion of those tasks. Among these, the biggest ones are:
- Remote Code Execution: $50,000
- Significant manipulation of account balance: $10,000
- XSS/CSRF/Clickjacking affecting sensitive actions: $7,500
- Theft of privileged information: $5,000
- Partial authentication bypass: $3,000
This year, Coinbase itself has joined one of the competitions hosted at the event. According to sources, the company’s purpose of participating in the competition is:
“To help build stronger relationships between our hackers and our customers, reward high signal and high impact reports, and to have some fun along the way by giving out some awesome prizes to our top hackers.”
Read More: Bitcoin – what is the fuss about?
Coinbase is offering a competition to submit bugs and the top 3 most impactful bug submitters will be rewarded. The prize for 1st position is $10,000, $7,500 for 2nd position, and $5,000 for 3rd position. However, the most impactful bug will be judged by the security team at Coinbase based on factors such as bug severity, report quality, and system criticality.
Although the company is making efforts to show the level of security, storing Bitcoins on the exchange isn’t entirely safe. According to Fortune:
“There have been months when Coinbase users have been robbed as often as 30 times—a rate of one robbery every single day.”
CEO at Coinbase, Brian Armstrong told media:
“We need to be held to a higher standard because digital currency is so new and interesting and powerful that it is attractive to a lot of people out there to try to steal it.”
Coinbase assigns passwords to users so they can carry out their transactions easily. However, the thefts reported have mostly been from the customer side as smartphones are quite vulnerable to hacking.
Leave a Reply
This site uses Akismet to reduce spam. Learn how your comment data is processed.
