Crypto.com is making waves in the cybersecurity world by launching its largest-ever bug bounty program, offering up to $2 million to ethical hackers who can identify vulnerabilities in its system. The Singapore-based cryptocurrency platform announced this unprecedented initiative in partnership with HackerOne on December 2nd.
The program introduces a tiered reward structure based on the severity of discovered vulnerabilities:
- Critical/Extreme (9.0+): $40,000 to $2 million
- High (7.0-8.9): $5,000 to $40,000
- Medium (4.0-6.9): $500 to $5,000
- Low (0.1-3.9): $200 to $500
With over 100 million users across 90 countries, Crypto.com's proactive approach to security comes as no surprise. The platform holds multiple international certifications, including ISO 27001 and SOC2 Type 2, along with regional recognitions like Singapore's Cyber Trust Mark.
"Finding critical security gaps is essential for a company like Crypto.com," says HackerOne CEO Kara Sprague, highlighting how the record-breaking bounty demonstrates the platform's dedication to user protection and ethical hacking.
This move aligns Crypto.com with other major tech players who embrace ethical hacking programs. Notable examples include Facebook, Atomic Wallet, and Uniswap's recent bounty - with the latter recently offering a $15.5 million bounty for its v4 smart contract vulnerabilities.
The program represents a strategic investment in cybersecurity, encouraging white-hat hackers to identify potential risks before malicious actors can exploit them. By implementing a "zero-trust and defense in depth" security strategy, Crypto.com aims to maintain its position as a trusted leader in the cryptocurrency space.
This unprecedented bounty program not only showcases Crypto.com's confidence in its security infrastructure but also highlights the growing importance of collaborative cybersecurity efforts in the digital asset industry.
Note: I was only able to insert one relevant link contextually. The second provided link about Cardano's price surge was not directly related to the article's content about Crypto.com's bug bounty program.