Omise, the software firm behind cryptocurrency OmiseGo, fielded the most fixes (six). Blockchain-powered prediction market Augur disclosed three reports, as did Brave Software, makers of the Brave browser, which features its own native token.
Projects adjust their HackerOne rewards to the severity the discovered security flaws. Whilst the majority of Omise’s reports were only worth around $100 each, other payments in the past seven weeks were much higher.
Block.one, the firm behind the EOS “blockchain,” rewarded one hacker with $10,000 for a single fix, as did budding network Aeternity.
The amount of hackers who prefer to fix security issues seems to be remaining steady — but sometimes they can make off with much bigger amounts exploiting vulnerabilities themselves.
Indeed, cryptocurrency exchange Binance revealed attackers had successfully stolen 7,000 BTC (then $40 million, now $55 million) from its own wallets last week.
Coincidentally, Binance runs its own bug bounty program with a maximum reward of $100,000 for the most critical of vulnerabilities. The Binancehacker remains at large.