Singapore’s Crypto.com is offering $2 million to anyone who can find and report vulnerabilities as a sign of its confidence in its modern and advanced security system. The bounty program is currently the largest on the website and HackerOne, offering an open range, fast payment, and fully compliant with platform standards.
Crypto.com announced its partnership with HackerOne and a $2 million funding plan via a Twitter/X post and company update last December 2. This program is part of the company’s commitment to promoting security and compliance and is supported by various certifications, including ISO 27001, ISO 27017, ISO 27019, ISO 22301, ISO 27701, SOC2 Type 2, and PCI DSS 4.0.
In addition to these international certifications, Crypto.com boasts regional certifications, such as Singapore’s Cyber ​​Trust Mark and Data Protection Trust Mark.
Crypto.com Improves Security, Bounty Program
Crypto.com continues its security partnership with HackerOne, and this month, they jointly released a statement to improve their existing bug bounty program, which now offers rewards of up to $2 million. This is the first time the company’s bounty program has reached this amount, and it is now the largest bug bounty program with HackerOne in crypto and beyond.
Today we present a fantastic $2 million bug program @Hacker0x01.
Safety and security are paramount – we’re proud to support the largest bug bounty program available through HackerOne.
Read more 👉 pic.twitter.com/DRdEk9Zex0
– Crypto.com (@cryptocom) December 2, 2024
The company’s reward system offers tiered rewards for different types of risk based on seniority. For example, Low (0.1-3.9), which represents 41.67% of submissions, offers a prize anywhere from $200 to $500. Medium (4.0-6.9) receives $500 to $5,000, High (7.0-8.9) boasts $5,000 to $40,000 in prizes, and finally, Critical/Extreme handicap (9.0+) awards $40,000 up to $2 of millions.
Crypto.com invites its users to identify any vulnerabilities and resolve these potential vulnerabilities before bad actors exploit them. The crypto company has joined other tech companies in taking advantage of the bug to deal with online threats.
Finding Critical Security Gaps Is Important For Companies
As one of the leaders in the crypto space, Crypto.com serves more than 100 million users from 90 countries. However, its popularity also poses the risk of security threats. The company understands these threats, and that’s the main reason they partnered with HackerOne.
Crypto.com believes that trust is the foundation of the company, built on privacy and security. In a statement, the company has a “trust-free and security-in-depth” strategy and continues to invest in privacy and security training.
According to Kara Sprague, CEO of HackerOne, finding critical security holes is important for a company like Crypto.com. He pointed out that the record amount of money shows Crypto.com’s commitment to protecting users and supporting ethical hacking.
Some Web 3.0 Companies Also Use Bounty Programs
Besides Crypto.com, other leading Web 3.0 companies have used profit programs to identify and address security weaknesses. Facebook, Atomic Wallet, Uniswap, and Facebook are the top tech companies that rely on ethical hacking.
For example, Uniswap launched a huge bug bounty in DeFi, offering up to $15.5 million to those who can detect security threats in its v4 smart contract. After announcing the dividend plan, its UNI token increased in value.
Featured image from Pexels, chart from TradingView