- M365 Copilot: New Zero-Click AI Flaw Allows Corporate Data Theft
- Why this SSD docking station is one of my best investments for my PC - and it's on sale
- Apple quietly makes running Linux containers easier on Macs
- AMD steps up AI competition with Instinct MI350 chips, rack-scale platform
- 기업 AI 도입을 가로막는 5가지 장애물
Crypto.com Launches Massive $2m Bug Bounty Program
Cryptocurrency exchange Crypto.com has launched a landmark bug bounty program with HackerOne.
The program will provide up to $2m in rewards for the reporting of security vulnerabilities. This represents the largest sum available across all bug bounty programs with HackerOne.
Crypto.com operates a global app which has more than 100 million customers worldwide.
Jason Lau, CISO at Crypto.com, noted that the firm has dedicated significant efforts to achieve top-tier security certifications. However, maintaining security assurance requires continuous focus and improvement.
“We have always respected and partnered with the ethical hacking community as an extension of our security team,” Lau said.
“Deepening our relationship with HackerOne through this milestone and setting this landmark bounty underscores our commitment to enhancing safeguards and consumer protection. We look forward to continuing to productively engage with this community,” he added.
In recent years the cryptocurrency industry has become a high-value target for cybercriminals because of the potential monetary gain.
Blockchain intelligence firm, TRM, found that North Korean hackers stole at least $600m in cryptocurrency in 2023.
Kris Marszalek, CEO of Crypto.com, commented, “As our business and the industry continue to grow, it’s critically important that we remain focused on our core principles, and this new bounty program does that by setting a new bar.”
The Singaporean firm’s strategy has been to expand through security, compliance and regulatory licenses to advance its mission of “Cryptocurrency in Every Wallet”.
Crypto.com became the first virtual asset platform to achieve multiple certifications across all platforms including SOC2 Type 2, PCI DSS 4.0, ISO 27017 and ISO 27019 for cloud security and privacy certifications in 2023.
It also achieved ISO 22301 for Business Continuity Management in 2021, ISO 27701 for Privacy Information Management System in 2020, and ISO 27001 for Information Security Management Systems in 2019.
The firm also says it conforms to the highest tier of the NIST Cybersecurity and Privacy Frameworks and obtaining regional specific certifications like the Data Protection Trust Mark and Cyber Trust Mark in Singapore.
