Mega.co.nz – the latest venture from controversial internet entrepreneur Kim Dot Com – has followed in the footsteps of Google and other technology companies by launching its own vulnerability reward ethical hacking program.
The initiative was officially unveiled in a blog post published February 2, with the company encouraging enthusiastic computer experts to get involved and reporting any security-relevant bug or design flaws for financial reward.
Upwards of €10,000 will be offered for each bug reported, depending on the complexity of the vulnerability, with Mega.co.nz noting that it will be "fair and generous" in its decisions.
Bugs that qualify for a reward include remote code executions as well as any issue that breaks that organisation's cryptographic security model or jeopardizes a user's personal account data.
Mega has also offered a special "bonus bounty" brute-force challenge, in which anyone able to break the decryption key on a provided file will be rewarded with the maximum €10,000.
The story is an example of how modern organisations are turning the tables on cybercriminals by recruiting ethical hackers to test their systems and achieve maximum vulnerability management.
Perhaps the most notable initiative of this nature is Google Chromium's Vulnerability Rewards Program, which has offered significant financial rewards to successful hackers for several years now.