After a “huge” income of 330 billion of a girl born in 92, see the white hat hacker revealing the truth about the billion dollar income of “bug hunter”

Information that a girl born in 1992 in Cau Giay district (Hanoi) has an income of 330 billion VND in 2020 and another 30-year-old boy has an income of up to 260 billion VND, all from composing software posted. download on Google Play and App Store made public opinion stir.

In fact, since 3 years ago, a Facebook representative once shared: “Vietnam has about 50 young people around 19 and 20 who have become millionaires in USD”.

And not only software creation, in the information technology field, there is also a very “hot” job, which is Bug Bounty (roughly translated: Hunting for bonuses), making you very young to become millionaires. These people are often referred to as bug bounty hunters or more familiarly, white hat hackers – people who study information security with good intentions.

Bug Bounty is a security program published by organizations, businesses or third parties to engage the community to detect and report security vulnerabilities (bugs) in technology products. In it, bounty bonuses will be given to those who find the bug.

The purpose of the Bug Bounty program is to detect as many security vulnerabilities as possible, and then fix – fix those vulnerabilities before hackers find out. This helps prevent bad guys from exploiting security vulnerabilities that lead to many unpredictable consequences.

Products that need to find errors can be website, mobile app, IoT, API, computer software …

Security expert Dau Huy Ngoc – who is in the top of the white hat hackers honored by Google and Facebook – recently gave an interview to the Youth newspaper. Huy Ngoc said that the work of a white hat hacker has only really developed in the past 5-7 years. That’s when many large companies are open and willing to let hackers break in, find bugs in their systems and let them know. There are companies that will pay hackers to find the correct error. There are companies that simply thank them or put their names on the billboard publicly.

Security specialist Dau Huy Ngoc

“In 2020, I reported a few dozen errors on Google and 4 errors on Facebook. However, Facebook only accepted 3 errors, and 1 serious error on their side said they are in the process of fixing and solving the problem. Before I report the error. For the accepted errors on Facebook, I was given $ 4,000 (more than 92 million) for 1 error; As for the Google payout, please do not disclose. ” – Huy Ngoc interviewed.

This expert shares, there are intermediaries, or more accurately, the platforms for companies and security professionals to link together. In the world, there are about a dozen intermediary platforms, of which about 3-4 are the largest.

One of the largest and most reputable platforms is Hacker One. According to Hacker One statistics, there are more than 600,000 hackers participating in this platform. They come from about 170 countries, work with around 1,700 companies and government agencies around the world. In 2019, hackers across the platform received $ 40 million in prize money.

“Many people think that being a” bug hunter “is an easy job to make money, because in fact there are white hat hackers who make a lot of money and have a prosperous life. Besides, white hat hackers do not discriminate about age (many 16-17 year olds can make money from this job), or come from any country or territory …

Therefore, there are a lot of people who sign up to do this work, even they may not really know about the work of a white hat hacker, or sometimes keep reporting mistakes in the hope that it is the fault of the company. somehow accept. Therefore, the number of white-hat hackers registered may be large, but the number of white-hat hackers who can live completely by this job, according to my observations, is not more than 500 people “- said Dau Huy Ngoc.

This white hat hacker also asserted, this is not a common job like working as a hired worker and being paid. With the job “bug hunter”, many people do the same thing, whoever can get the job gets money. So, the number of people making a lot of money with this job is actually not much.

“As far as I know, on the Hacker One platform, there are only a few people who have earned a total bonus of over $ 1 million (more than 23 billion), and those are the top best hackers.”

In Vietnam, on April 27, 2019, the National Cyber ​​Security Monitoring Center officially launched the Bug Bounty Vietnam program. This program offers bonuses to anyone who finds a vulnerability in the network systems regulated by the Center.

Similar to Hacker One mentioned above, Bugbounty Vietnam platform is an intermediary, connecting businesses, organizations and hackers. On the Bugbounty Vietnam website, it is reported that the security community can help units discover 7 times more critical vulnerabilities than traditional security testing methods. Bonuses for Hackers are based entirely on the actual number of vulnerabilities identified instead of a fixed fee as for traditional testing services.