How Hackers Make a Living: Bug Bounty Edition

When you first think about how a hacker makes a living, you might stumble on the thought that they just steal peoples private information and sell it. Which might be true in some cases but not all hackers are bad guys. Over the years big companies have lost tremendous amount of profits do to hackers that they wanted to build an incentive to defend and compete against this hidden enemy.

Back in the 1980’s bug bounty was born to incentives hackers to find bugs for companies that can do tremendous amount of damage. They would pay anywhere from $50 — $100 per bug. Over the years that amount has gone up and many companies like Google, Facebook, and Microsoft have implemented this idea.

In 2019 Facebook payed out $2.2 million in bug bounties alone and in the total time they have been running their program they have payed out $9.8 million.

In 2008 a cyber security company called Crowdstrike drew the data of 30,000 breaches and found out which country had the fastest hackers.

Where would you even get started on bug bounty? Over the years companies have grown to work with hackers and created communities that show you all available bounties and actually train you how to hack. Hacker One is one of those companies that work with Playstation to report bug bounties.

Companies pay hackers depending on the difficulty on finding the bug and how much damage one can do if they exploit the bug. It can range anywhere from $50,000 — $500 and varies from company to company.

Here we have an anonymous user that goes by Boris Larin that has found multiple bugs from PlayStation and got payed. Over $70,000 in bug bounty for the year of 2020 so far.

Not all bug bounties are disclosed to the public and I believe this is because you don’t want to tell people where your issues are because they might find many more like them. However I was able to find one to show today.

Here we have Andy that found a bug for Playstation and was awarded $10,000 for his findings.

He was able to find a way to steal and manipulate users data and run pirated games on playstation. This type of bug good cause PlayStation thousands of dollars if someone really wanted to do some damage. Just go to show that bug bounty is a great program to defend against hackers.

As technology continues to be bigger part of our life’s we have to think about how to protect ourselves and our users from these attacks. The reality is that there are some people that want to do harm in the world and we have an obligation to help stop those attacks that can hurt society.