Express Bug bounty – effective blackmailing countermeasure
Initially, it was enough to hack into a company’s servers, steal sensitive clients’ data and use it for own profit. However, why to bother oneself if there are easier and faster ways to receive money? Today, there is a new threat on the rise: hackers resort to blackmailing companies in return for not uncovering compromising information about them.
Disclosure: This is a Sponsored Article
Who is the victim?
NapoleonX has recently faced such a threat. The French ICO project was exposed to blackmailing by an unknown hacker who described himself as the one who “worked for several cyber-protection companies”. The hacker claimed that he had found a severe vulnerability in project’s security system, and that “my job is to find the flaws and to benefit from them”. He threatened to sell sensitive information to third parties unless being paid.
How should a company react to such blackmail? Offer a reward for identifying the vulnerability!
The founding shareholders were not going to pay to the malefactor and immediately contacted Hacken to answer adequately. So Hacken team organized a pool of security researchers to launch an urgent bug bounty. Information about the existing vulnerability was not confirmed, and from now on everyone who will find the security flaw in NapoleonX infrastructure will be rewarded.
Significant Lessons Learned
The issue was resolved; nevertheless, there are two significant lessons to learn. First of all, a black hat hacker can be smarter than one, but they cannot be smarter than the united community of white hats. Secondly, as long as HackenProof, decentralized bug bounty by Hacken, exists, you should never go on about blackmailers.
Hacken’s mission is to prevent all hacking threats on the global IT market. Only by this way, the web will be a safer place.
Drop a line to Hacken if you have been subjected to blackmail by a hacker or have any cybersecurity issue!
