On February 11th, two days before the Super Bowl and Coinbase’s $14 million color-changing QR code advert, an engineer was desperately trying to reach out to Coinbase management and the development team.
Can anyone here get me a direct line with someone at @coinbase, preferably management or the development team, possibly @brian_armstrong himself?
I'm submitting a hacker1 report, but I'm afraid this can't wait. I can't say more either, this is potentially market-destroying.
DMs open.
— Tree of Alpha (@Tree_of_Alpha) February 11, 2022
Tree of Alpha had discovered “a flaw in the new Advanced Trading feature would have allowed a malicious user to sell BTC or any other coin without owning them.” The flaw in the code had the potential to “nuke” the market.
Commenting on the flaw, Tree of Alpha told Cointelegraph that the “vulnerability itself was indeed worrying,” sharing that “some oversight on both the dev team and the QA/testing team was needed to let this happen.”
“While the advanced trading product was not available for everyone and was still in beta testing, a significant number of users could have used the exploit.”
However, thanks to the hacker’s quick reactions and an “overwhelming community response,” the danger was averted and Coinbase avoided a “possible crisis.”
As is common with white hat hacking, a bounty was duly awarded. Coinbase has initially awarded $250,000–an insignificant sum for the Silicon Valley-born unicorn. Twitter was quick to judge the quarter-million sum as a “bear market” bounty, particularly considering the scale of the hack and that Coinbase executives earn that figure annually.
Tree of Alpha told Cointelegraph that the amount was “not too low to be insulting.”
“While a higher bounty might have been wise to deter more grey hats from exploiting vulnerabilities, it is common in the crypto sphere to lose touch with the value of money. For most working human beings, $250K is a very decent sum.”
Related: MakerDAO launches the largest bug bounty with a $10 million reward
Ultimately, the events shone a light on the importance of white hat hacking for a relatively nascent industry. The U.S. State Department recently announced it would offer up to $10 million in crypto rewards to white hat hackers; however, Tree of Alpha affirmed that “white hat hacking is crucial yet criminally overlooked by companies.”
In a word to the wise, they concluded:
“Companies won't hesitate to spend tens of millions on marketing, but won't spend a fraction of it to make sure there is still something left to market.”
Coinbase CEO Brian Armstrong was among the first to thank the white-hat hacker for saving his company:
.@Tree_of_Alpha you are awesome – thank you for working with our team
love how the crypto community helps each other!
– Brian Armstrong – barmstrong.eth (@brian_armstrong) February 11, 2022
- Source: https://cointelegraph.com/news/250k-bounty-not-too-low-to-be-insulting-says-coinbase-white-hat-hacker