The war against hackers has been raging ever since BitcoinMarket launched back in 2010. Hackers have been targeting crypto exchanges in the hope of striking it rich and cleaning out their hot wallets. However, some exchanges have started creating bug bounty programs. Under these new programs, hackers are rewarded financially for reporting a bug in the system, as an incentive not to exploit it and cause financial damage to the company. OKEx is the latest crypto exchange to implement such a bounty system.
Security is Vital
Security is one of the most important features of any crypto exchange, so it’s understandable that OKEx wants to make itself as secure as possible. These bounty systems enable it to indirectly hire the best hackers from around the world to break into the site and exploit bad code. However, instead of these hackers holding the site for ransom, they are rewarded for finding these flaws and reporting them to OKEx. In return, the hackers get a nice financial reward and a warm fuzzy feeling inside for helping out the crypto community.
Payout Based on a Classification Scale
OKEx has devised a classification scale for the severity of the flaws found in its system. Split into four categories, the scale starts at low risk and goes all the way up to serious risk. The rewards are set to be paid out in Ethereum, which, given the low price of the crypto at the moment, could be a bad idea. Hackers are likely to earn more by exploiting the flaws for the time being, but as crypto markets rebound, this reward will become juicier. The classifications are as follows:
Low Risks
Regular CSRF, SMS bombs, normal data leakage, etc.
Reward: 0 – 1 ETH
Medium Risks
Loopholes that could affect some users, alteration of user data, etc.
Reward: 2 – 4 ETH
High Risks
The unauthorized operation, serious SQL injection, loopholes that could cause a large-scale impact on users, source code leakage, etc.
Reward: 5 – 7 ETH
Serious Risks
Loopholes in our core business systems that may endanger the security of users’ assets and data.
Reward: 8 – 10 ETH
Bug Bounties are the “In Thing”
Bug bounties appear to be the new form of bounty hunting. Back in the day, bounty hunters used to scour the planet looking for fugitives on a government’s most wanted list in return for a cash reward. In this new digital age, however, the bounties are paid for catching code-flaw fugitives. Bug bounties are becoming increasingly popular and platforms could learn from them. It’s better to reward a hacker for giving you a heads up than to have them go to town on your hot wallet, as EOSBet will testify.
OKEx has been stepping up its game in the last few weeks, and this new bug bounty system will certainly help it push for the top spot in 24-hour trade volume rankings. Recently the exchange de-listed a number of trading pairs due to inactivity or lack of popularity. Hopefully, this bounty program keeps hackers on the right side of the battle, so OKEx doesn’t have to issue a statement about being hacked anytime soon.