Security researcher receives $1M bug bounty for saving company from $350M bug (twitter.com) 53 points by Magicstatic 4y ago ↗ HN
[–] Magicstatic 4y ago ↗ Link to company confirming payment: https://twitter.com/josephdelong/status/1431314816698916865Link to researcher writeup: https://www.paradigm.xyz/2021/08/two-rights-might-make-a-wro... [–] grogers 4y ago ↗ Wow, 10 minutes to start reading the code from scratch and find the vulnerability. Then just another 20 minutes to confirm the bug with an exploit, some of which were spent fighting with a broken dev environment. That is impressive!
[–] grogers 4y ago ↗ Wow, 10 minutes to start reading the code from scratch and find the vulnerability. Then just another 20 minutes to confirm the bug with an exploit, some of which were spent fighting with a broken dev environment. That is impressive!
[–] rvz 4y ago ↗ Now that is a great payout towards this security researcher for finding this cryptocurrency bug. Well done to them.
[–] baobabKoodaa 4y ago ↗ Is this the largest bug bounty in history? (Not counting black hat / gray area "bounties")
[–] dkdk8283 4y ago ↗ I looked at the write up but as a layman I don’t understand any of it. Is there something else that eli5?
6 comments
[ 3.4 ms ] story [ 30.3 ms ] threadLink to researcher writeup: https://www.paradigm.xyz/2021/08/two-rights-might-make-a-wro...