When our analysts discovered six vulnerabilities in PayPal – ranging from dangerous exploits that can allow anyone to bypass their two-factor authentication (2FA), to being able to send malicious code through their SmartChat system – we were met with non-stop delays, unresponsive staff, and lack of appreciation. On the other hand, ever since PayPal moved its bug bounty program to HackerOne, its entire system for supporting bug bounty hunters who identify and report bugs has become more opaque, mired in illogical delays, vague responses, and suspicious behavior. In March 2018, PayPal announced that they’re increasing their maximum bug bounty payment to $30,000 – a pretty nice sum for hackers. In the news, it seems that PayPal gives a lot of money to ethical hackers that find bugs in their tools and services.
0 Comments
Leave a Reply. |