And legal hacking platforms.
Recent Coincheck 500 million hack, WannaCry, Democrats (i'm sure it was not hack - it was a password written on a sticker lol) and etc - all these stories are about dark hackers.
There're 3 types of hackers:
Cyber anarchists or those who have a greater goal, The Mission. Most of the time its not about money.
These folks look for exploits in financial/banking systems, they breach them and steal money. Industrial espionage is here too, as well user systems are.
Programmers who look for breaches in security systems at no cost or for a fixed fee or for fun (challenge for themselves and others).
From the legal point of view, all these groups are equal, and any actions that cause damage are prohibited. But the latter can go on an alternative path, engaged in legal hacking.
AIn the early 2000s, large companies and government organizations realized that we should not fight, but cooperate with hackers. Despite this does not completely exclude attacks, but greatly reduce their number. Rewards depend on the size of the company and its security level.
Here are a few examples:
In Tesla, they are ready to pay $ 10,000 to anyone who finds a breach in their safety.
Pinterest starts from $ 50, the upper limit is $ 1500.
The limit of one-time earnings for hacking the DropBox is just under $ 5000.
Facebook has a fixed tariff for a bug of $ 500.
However, many companies simply can not afford such costs on security, so you have to deal not with experienced hackers, but with simple users. This happens with the help of special platforms. About what it is for the platform and how large a fish there live, let's talk further.
One of the largest platforms for legal hacking. At the moment, it has registered more than 22 thousand hackers. The amount of payments exceeded $ 1 million.
Well-known customers: Microsoft, Western Union, Tumblr, MasterCard, Pinterest.
How it works: register, go to the program page, get acquainted with the conditions, break the system, write a report, get a transfer to the next Wednesday.
The first of these platforms. It has a serious approach to the selection of hackers: you need to register, send a resume, take tests and interview. Among the features - the fact of a lump sum payment of $ 30 thousand dollars.
Major clients: the Ministry of Defense and the US Internal Revenue Service.
How it works: after you sign up for the Red Team, the tasks will come automatically. Payments within 24 hours.
HackerOne is known for the largest number of awards. At the moment, the amount has almost reached $ 20 million. I'll have to break APIs, IoT-systems, applications for iOS and Android.
Major clients: Uber, Yahoo, Starbucks, Adobe, Snapchat, US Ministry of Defence.
How it works: register, subscribe to the task, find a bug, send a report, maximum after 7 days receive a reward through PayPal.
A young platform for small companies. There are no big payments here, a fixed price range - 100-1000 dollars.
Major clients: Weebly, Wix, Nexmo.
How it works: register as a tester. After the task is completed, you must send a report to the established form and expect payment of up to 30 days. Money you get through PayPal or crypto currency.
Thanks to such hacker platforms, you can test your knowledge without breaking the law. In addition, ain't its fun: where else can you legally hack into the site of the US Ministry of Defense, and even get a few tens of thousands of dollars for it.