Thursday, April 18, 2024

Hackers Earned More Than $19 Million in 2018 by Participating in Bug Bounty Programs

HackerOne published 2019 hacker report, which details the individuals that represent the HackerOne community.

In the past year alone hackers earned more than $19 million in reporting bounties and most of the hackers are under the age of 35.

2018 is the incredible year for hackers, where they earned $100K for one vulnerability and the first hacker passing the $1 million milestone. Many of the individuals use HackerOne for career building opportunities through bug bounties, with companies hiring from within the hacker community.

hacker report

In total as of December 2018, HackerOne has more than 300K+ registered hackers, 100K+ vulnerabilities reported and $42M paid in bounties.

“Countries like Iceland, Ghana, Slovakia, Aruba, and Ecuador have hackers with as much determination, skill and success as those from India, the United States, Russia, Pakistan, and the United Kingdom,” reads the report.

Out of the $42+ million bounties awarded the organizations from the U.S. and Canada paid the most followed by the organizations in the U.K., Germany, Russia, and Singapore.

Learn: Web Hacking and Bug Bounty Course and Get Paid for Hacking and Disclosing Bugs

According to the hacker report, the hackers from the U.S., India, and Russia earns around 36% of the total value of awarded bounties and the Canadian hackers earned 3.3%.

hacker report

Hacker-powered security is creating opportunities across the entire globe, the unemployment rate for trained cybersecurity personnel is infamously 0%.

Hacker’s Favorite Tools –
Hacker Report

Here you can see the list of the tools used by hackers to test the vulnerabilities in network and applications.

hacker report

Hackers have shown love in finding vulnerabilities in web applications followed by APIs, Android apps, operating systems and downloadable

Over 38% of hackers said finding cross-site scripting (XSS) is their favorite attack vector and the SQL injection placed second (13.5%).

In the Spot Light

Santiago Lopez(@try_to_hack) is the first hacker who reached $1 million in bounty, he start reporting vulnerabilities in 2015 on HackerOne.

“I do not have enough words to describe how happy I am to become the first hacker to reach this landmark,” said Lopez.

Lopez leads the HackerOne’s leaderboard, he ranked number one out of three hundred and thirty thousand hackers competing for the spot.

Intel Expands Bug Bounty Program Rewards To $250,000 for Meltdown and Spectre Like Vulnerabilities

Bug Bounty Researchers Make More than 2.7 Times Salary of an Average Software Engineer

Facebook Launches Data Abuse Bounty Program With rewards Up to $40,000


Latest articles

Xiid SealedTunnel: Unfazed by Yet Another Critical Firewall Vulnerability (CVE-2024-3400)

In the wake of the recent disclosure of a critical vulnerability (CVE-2024-3400) affecting a...

Cerber Linux Ransomware Exploits Atlassian Servers to Take Full Control

Security researchers at Cado Security Labs have uncovered a new variant of the Cerber...

FGVulDet – New Vulnerability Detector to Analyze Source Code

Detecting source code vulnerabilities aims to protect software systems from attacks by identifying inherent...

North Korean Hackers Abuse DMARC To Legitimize Their Emails

DMARC is targeted by hackers as this serves to act as a preventative measure...

L00KUPRU Ransomware Attackers discovered in the wild

A new variant of the Xorist ransomware, dubbed L00KUPRU, has been discovered in the...

Oracle Releases Biggest Security Update in 2024 – 372 Vulnerabilities Are Fixed – Update Now!

Oracle has released its April 2024 Critical Patch Update (CPU), addressing 372 security vulnerabilities...

Outlook Login Panel Themed Phishing Attack Evaded All Antivirus Detections

Cybersecurity researchers have uncovered a new phishing attack that has bypassed all antivirus detections.The...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.


Mastering WAAP/WAF ROI Analysis

As the importance of compliance and safeguarding critical websites and APIs grows, Web Application and API Protection (WAAP) solutions play an integral role.
Key takeaways include:

  • Pricing models
  • Cost Estimation
  • ROI Calculation

Related Articles