News

Bug Finder on Coinbase Cryptocurrency Exchange Walks Away With $30,000

An unidentified bug finder has just cashed out $30,000 after it was awarded to them by Coinbase, a U.S. based cryptocurrency exchange. The bounty hunter had discovered an error on the platform which could pose security threats. However, the exact nature of the bug has not been disclosed, according to a media report on February 16.

Bug Finder Uploads Report on Coinbase

Based on reports, Coinbase has paid $30,000 to a bug finder after they uploaded a report of the issue they had discovered to Coinbase’s vulnerability disclosure program. The money was later awarded by the exchange as part of its Bug Bounty Program. While the nature of the fault that was discovered has not been disclosed, it can be assumed that the level of threat was high due to the amount that was paid.
Nonetheless, the bug has been fixed even though the vulnerability report is inaccessible to users. Prior to this time, Coinbase had stated in its terms that bounties are awarded based on the severity of the vulnerability that was discovered. Thus, a bounty hunter can win either $200, $2,000, $15,000 and even as high as $50,000 for impacts rated as low, medium, high, and critical.
According to the Exchange:

In order to be deemed valid, a report must demonstrate a software vulnerability in a service provided by Coinbase that harms Coinbase or Coinbase customers….We determine severity based on two factors: impact and exploitability.

Critical Impact Specifications

In the same vein, specifications have been outlined before a reported flaw can be classified as critical. Here, an attacker must be able to take advantage of a loophole to either read or make modifications to sensitive data in the system. They must also be able to “execute arbitrary code on the system, or exfiltrate digital or fiat currency in some way.”
One more condition that has been outlined, is the ability of the hacker to exploit the system without finding significant roadblocks that may discourage them from their attempts. During the course of the week, three bounties have been awarded prizes by the cryptocurrency exchange, but they were rated as “low-impact attack vectors”.

Coinbase Gave Out $10,000 in 2018 for Discovered Bug

Further reports reveal that the US-based exchange in 2018 had awarded $10,000 to some researchers who discovered an error that could enable people to reward themselves with unlimited amounts of Ethereum. That aside, Block.one, an EOS developer also awarded about $80,000 in bug bounties in 2019.
It is worthy to note that by encouraging people to discover errors on platforms, it also helps to strengthen the exchanges’ security. Given the recent turn out of events on exchanges like Coincheck which was hacked in 2018 and Cryptopia which was hacked on January 14, 2019, the need for a bounty of this nature becomes needful.

Related posts
cryptocurrencyCryptocurrency NewsdogecoinDOGEUSDNewsXRP NewsXRPUSDXRPUSDT

Why DogeCoin Flipping XRP Is Extremely Alarming

When DOGE bulls put on their seat belts and drove bullishly to new levels, XRP had to give way for the meme coin to take the 4th position. At the time of this report, Dogecoin is valued at a market…
BitcoinBitcoin NewsbtcusdBTCUSDCBTCUSDTMarketsNewsxbtusd

What The ‘Second Leg’ Of The Bitcoin Bull Market Will Look Like

The first phase of the Bitcoin bull market kicked off late last year when Bitcoin crossed $20,000 for the first time since its conception. The market went ballistic as Bitcoin hit $21,458 on the 16th of December and only shed…
BitcoinBitcoin NewsbtcusdBTCUSDCBTCUSDTNewsxbtusd

MercadoLibre, The ‘Amazon of Latin America’ Has Bought $7.8 Million In Bitcoin

Argentine E-commerce platform MercadoLibre, which has been branded the “Amazon of Latin America” has stepped into the Bitcoin market. The company, which has several branches in the United States revealed that it had purchased almost $8 million worth of Bitcoin….