Leading NFT marketplace rewarded $200K to two ethical hackers for discovering loopholes in the system from a bounty program with HackerOne.
The NFT industry has witnessed exponential attacks as hackers are increasing their fraudulent activities to get into the rigid high-tech security system to steal millions of dollars. However, several NFT marketplaces are taking precautions to improve their security infrastructure, and a few of them are organizing bounty programs to reward hackers with a whopping amount if they crack bugs in the system. Recently, OpenSea has paid $200K to two ethical hackers as a bounty reward for finding a bug in the security system in the last ten days.
OpenSea Makes A Move For Ensuring Security
The NFT industry has been booming since its inception as NFT prices are continuously skyrocketing, along with the number of hacks and exploits targeting the NFT space. Unfortunately, anyone can become a victim of an NFT hack, and to prevent this leading NFT marketplace has brought a bounty program for finding bugs in the system.
OpenSea has rewarded $100K each to two ethical hackers. The first award recipient was Corben Leo, chief marketing officer and a prominent security expert at the security firm Zellic. He received a whopping amount of $100K on Monday for finding a critical vulnerability in OpenSea’s system through the bug bounty platform with HackerOne.
The second anonymous recipient was a white hat hacker, Nix, who was also paid $100K for finding a loophole in the security layer on 19th September. However, Nix did not provide further details about the bug. Nix flagged this bug in the HackerOne platform and said, “The vulnerability report and any details around it are confidential.”
An official from OpenSea also confirmed that these bounties were accurate and genuine. He also mentioned that required patches to the vulnerabilities were added immediately. OpenSea was also satisfied as the bounty program went according to their expectations.
The spokesperson said, “We’re pleased to see the community’s engagement with this program, and even more excited that our average response and patch times have gotten much faster since the program’s launch in October 2021.”
OpenSea’s Bounty Program Becomes A Messiah
NFT marketplace OpenSea has always been a victim of several attacks and exploits in the security system. Recently, OpenSea became a victim of an email breach which created panic among NFT creators on the platform.
NFT thieves exploit bugs and protocols’ flexibility for creating NFT smart contracts. This approach is similar to ice phishing, where hackers leave smart contracts empty and write on them after the victim signs them.
Being the largest NFT marketplace in terms of volume, OpenSea wants to ensure that there are zero interface issues and loopholes in the system to secure the NFTs of users. To solve these issues, OpenSea started a bounty program with HackerOne, a crowdfunded ethical hacking platform designed to discover basic vulnerabilities in a company’s system before it can attract hackers to conduct fraudulent activities.
According to the bounty program, OpenSea offers different rewards depending on the threat’s seriousness. For example, a low-level smart contract bug can fetch a white hat hacker $6K, whereas a critical one can bring $100K. As a result, it is expected that more firms will follow the trails of OpenSea to solve their security issues and build a trustworthy environment for their users.
