Launch of a High-Stakes Bug Bounty
To enhance security, Atomic Wallet, a cryptocurrency wallet developer, has launched a $1-million bug bounty program. This initiative revealed in a December 18 announcement, aims to identify and address security flaws in the wallet’s software. The launch of this bug bounty coincides with an ongoing class action lawsuit against the developer, stemming from a $100-million hack in June.
Engaging Ethical Hackers for Enhanced Security
Atomic Wallet invites ethical hackers and security experts globally to scrutinize its open-source code for vulnerabilities. The developer offers a substantial reward of up to $100,000 for white hat hackers who can uncover a wallet-draining vulnerability. This specific type of vulnerability includes attacks or wallet-draining without physical access, installed malware, or social engineering.
Reward Structure for Reported Vulnerabilities
The bug bounty program is structured to provide varying rewards based on the severity of the discovered vulnerabilities. While the top reward for the most serious vulnerabilities is $100,000, other bugs and flaws could fetch rewards ranging from $500 to $10,000. High-risk vulnerabilities have a $5,000 reward, and critical-risk ones command $10,000. The total bounty pool allocated for all discoveries is $1 million.
Atomic Wallet’s Commitment to Security
Konstantin Gladych, the founder of Atomic Wallet, highlighted the importance of the bug bounty program in ensuring the wallet’s security. He emphasized the dynamic nature of cybersecurity in the blockchain industry and the need to leverage the global community’s expertise. Gladych expressed confidence that this program will bolster its mission of offering a secure and seamless user experience.
Context of the Bounty: June’s Hacking Incident
The bug bounty program comes after a cybersecurity attack in June, where over $100 million in crypto assets were stolen from Atomic Wallet users, as reported by blockchain analytics platform Elliptic. Following the attack, victims initiated a class action lawsuit seeking damages. In contrast, Atomic Wallet has sought to dismiss a similar lawsuit in Colorado, citing a lack of ties to the United States.
Atomic Wallet’s Acknowledgment of the Attack
Atomic Wallet has acknowledged the cybersecurity attack, stating that it affected 0.1% of its users. The possible causes, according to the company, include a virus on user devices, an infrastructure breach, a man-in-the-middle attack, or malware code injection.
Proactive Steps for Enhanced Wallet Security
Atomic Wallet’s launch of a $1 million bug bounty program represents a proactive approach to addressing security challenges in the cryptocurrency space. By engaging with the ethical hacker community, Atomic Wallet aims to fortify its defenses against potential cybersecurity threats, reinforcing trust and reliability among its users.