Mega.co.nz launches vulnerability reward program

Mega.co.nz – the latest venture from controversial internet entrepreneur Kim Dot Com – has followed in the footsteps of Google and other technology companies by launching its own vulnerability reward ethical hacking program.

The initiative was officially unveiled in a blog post published February 2, with the company encouraging enthusiastic computer experts to get involved and reporting any security-relevant bug or design flaws for financial reward.

Upwards of €10,000 will be offered for each bug reported, depending on the complexity of the vulnerability, with Mega.co.nz noting that it will be "fair and generous" in its decisions.

Bugs that qualify for a reward include remote code executions as well as any issue that breaks that organisation's cryptographic security model or jeopardizes a user's personal account data.

Mega has also offered a special "bonus bounty" brute-force challenge, in which anyone able to break the decryption key on a provided file will be rewarded with the maximum €10,000.

The story is an example of how modern organisations are turning the tables on cybercriminals by recruiting ethical hackers to test their systems and achieve maximum vulnerability management.

Perhaps the most notable initiative of this nature is Google Chromium's Vulnerability Rewards Program, which has offered significant financial rewards to successful hackers for several years now.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s