The software of the largest US cryptocurrency exchange Coinbase contains a serious vulnerability, which was revealed thanks to the help of the so-called. "White hackers" or, as they are also called, "pentesters" (penetration testing).
As it became known, the vulnerability was discovered in the framework of the bounty program for finding vulnerabilities back in November last year. Representatives of the exchange refused to disclose details of the vulnerability, but the fact that the hacker received $ 30,000 for the detection of vulnerability (with the maximum possible reward of $ 50,000) indicates a high degree of threat. Moreover, it is the maximum for today the remuneration paid by the exchange to pentesters.
In total, a bounty program involves 4 categories of threats, for the detection of which a fixed amount is paid:
- Low – $ 200;
- Average – $ 2,000;
- High – $ 15,000;
- Critical – $ 50,000.