Hackers Earned More Than $19 Million in 2018 by Participating in Bug Bounty Programs

HackerOne published 2019 hacker report, which details the individuals that represent the HackerOne community.

In the past year alone hackers earned more than $19 million in reporting bounties and most of the hackers are under the age of 35.

2018 is the incredible year for hackers, where they earned $100K for one vulnerability and the first hacker passing the $1 million milestone. Many of the individuals use HackerOne for career building opportunities through bug bounties, with companies hiring from within the hacker community.

In total as of December 2018, HackerOne has more than 300K+ registered hackers, 100K+ vulnerabilities reported and $42M paid in bounties.

“Countries like Iceland, Ghana, Slovakia, Aruba, and Ecuador have hackers with as much determination, skill and success as those from India, the United States, Russia, Pakistan, and the United Kingdom,” reads the report.

Out of the $42+ million bounties awarded the organizations from the U.S. and Canada paid the most followed by the organizations in the U.K., Germany, Russia, and Singapore.

Learn: Web Hacking and Bug Bounty Course and Get Paid for Hacking and Disclosing Bugs

According to the hacker report, the hackers from the U.S., India, and Russia earns around 36% of the total value of awarded bounties and the Canadian hackers earned 3.3%.

Hacker-powered security is creating opportunities across the entire globe, the unemployment rate for trained cybersecurity personnel is infamously 0%.

Hacker’s Favorite Tools –
Hacker Report

Here you can see the list of the tools used by hackers to test the vulnerabilities in network and applications.

Hackers have shown love in finding vulnerabilities in web applications followed by APIs, Android apps, operating systems and downloadable
software.

Over 38% of hackers said finding cross-site scripting (XSS) is their favorite attack vector and the SQL injection placed second (13.5%).

In the Spot Light

Santiago Lopez(@try_to_hack) is the first hacker who reached $1 million in bounty, he start reporting vulnerabilities in 2015 on HackerOne.

“I do not have enough words to describe how happy I am to become the first hacker to reach this landmark,” said Lopez.

Lopez leads the HackerOne’s leaderboard, he ranked number one out of three hundred and thirty thousand hackers competing for the spot.

Related Read

Intel Expands Bug Bounty Program Rewards To $250,000 for Meltdown and Spectre Like Vulnerabilities

Bug Bounty Researchers Make More than 2.7 Times Salary of an Average Software Engineer

Facebook Launches Data Abuse Bounty Program With rewards Up to $40,000