Polygon Rewards White Hat Hacker $75,000

Following a surge in cybercrime in 2021, crypto platforms are becoming ever-more reliant on hackers to help their networks. Cybercriminals are becoming more sophisticated. An attack on a network or an exchange can have devastating results. Networks are, therefore, offering lucrative bounties for hackers that identify flaws.

Coinbase and Cardano Call on Hacker Support

The Cardano (ADA) Foundation and Coinbase (COIN) were in the news last week, with the focus on hacker support.

Coinbase (COIN) hit the news, rewarding hacker “Tree of Alpha” $250,000 for reporting a “potentially market-nuking” security flaw.

In the same week, the Cardano (ADA) Foundation doubled its bounty to lure hacker support. Hackers can earn up to $20,000 to identify critical Cardano Node security vulnerabilities. The increase in bounty is on offer between 14^th and 25^th February. Other bounties are also on offer, including a $15,000 bounty for identifying critical Cardano-Wallet security vulnerabilities.

Such is the demand for hackers and security experts that platforms now exist to reward hackers for identifying vulnerabilities. HackerOne is a platform started by hackers and security experts aiming to make the internet a safer place. HackerOne partners with hackers to uncover security issues for customers.

When considering recent statistics on cybercrime, including ransomware, the money is well-spent. Protecting investors has become a key area of focus for regulators globally, with governments also focused on cybercrime and the funding of illegal activity.

The concern is so great that the White House is due to release an executive order this week to task agencies with the regulation of cryptos in the interest of national security.

Polygon (MATIC) Finds Hacker Support

This week, news hit the wires of Polygon (MATIC), rewarding a white hat hacker $75,000 for identifying a network flaw. Niv Yehezkel reported the bug, tweeting that the vulnerability had “put billions of dollars at risk.”

Excited to share my research on the Polygon to Ethereum PoS bridge, in which I have found a consensus bypass vulnerability that puts billions of dollars at risk. Thank you Immunefi team and Polygon team for the rapid response, professional joint work and quick patching. https://t.co/AKT0HrbWOE

— niv (@invlpgtbl) February 21, 2022

Another bug bounty platform, Immunefi, released a report on the Polygon patch. According to Immunefi, the “Niv Yehezkel discovered a vulnerability in the Proof-of-Stake (PoS) system in Polygon’s smart contract on Ethereum (ETH).”

The vulnerability would have allowed the siphoning of all funds from the deposit manager. A hacker could also have carried out unlimited withdrawals and a Denial-of-Service attack (DoS). Immunefi pointed out that certain conditions would have been required for a successful attack. As a result of the conditions and likelihood of a successful bypass, Polygon downgraded the report from “Critical” to “High”.

Late last year, Polygon had reportedly paid a white hat hacker a $2m bounty for discovering a bug that could have resulted in an $850m loss.

Immunefi is a “bug bounty platform for smart contracts”. Hackers are rewarded for reviewing code and disclosing any vulnerabilities. According to the Immunefi page, more than $20,000,000,000 in hack damage has been averted, with more than $10,000,000 paid out in bounties.