Both security researchers and hackers have successfully proven that even biggest virtual currencies and their underlying blockchain systems often suffer from severe security vulnerabilities despite being worth billions of dollars. However, this also gives an opportunity to so-called ethical hackers, who often reap sizeable financial rewards for their efforts.
A Dutch ethical hacker Guido Vranken has recently found and reported 11 vulnerabilities within the EOS code during the last week. Finding one grants a $10,000 payout, meaning that Mr. Vranken earned himself well over $100k in bounty payments from the EOS parent company Block.one. He has also previously reported bugs to Ethereum, Ripple and Stellar.
How to make $80k in one day: Blockchain bugs. Congrats @GuidoVranken and best of luck on your future bugs! #bugbounty @Hacker0x01 Find bugs on @eos_io and get rewarded on HackerOne! https://t.co/YpsA2LdIA0 #EOS pic.twitter.com/ZHrr6ifoKV
— Jon Bottarini (@jon_bottarini) June 4, 2018
Shortly after reporting the security threats, Mr. Vranken was offered a position in the company. He also confirmed that the company has since fixed the bugs.
He went on to add that, “The EOS people are very appreciative of my efforts. Reported bugs were quickly analyzed and fixed in their public repository. At first the process was very ad-hoc because [EOS CTO] Daniel Larimer and I were sending files back and forth on Telegram, but they’ve since started to run a bug bounty program on HackerOne which I think is in the best interest of both bug finders and the EOS team.“
EOS has come under fire recently for failing to properly deal with security issues, despite raising $4 billion in the largest ICO so far. Comedian John Oliver even went on to call EOS “a software startup that doesn’t plan to sell any software” in his popular HBO show Last Week Tonight.
Just last week a Chinese digital security firm Qihoo 360 discovered several “high-risk vulnerabilities”, which would have allowed attackers to gain remote access and control any EOS node. Couple that with a fact that EOS mainnet launch was scheduled to happen in a couple of days.
The company stated that all bugs were liquidated by the time of the launch, although there were reports, claiming that in the days after the launch EOS blockchain still was not fully functional.
The EOS price has seen significant gains since the mainnet launch, going from $12 to trade at around $14 at press time.
Image Source: “Flickr”