Atomic Wallet Launches $1 Million Bug Bounty
20 Dec, 2023 ● Crypto News
According to a Dec. 18 announcement, Atomic Wallet's developer has established a $1 million bug bounty to discover security holes in its wallet software.
The launch coincides with a class action lawsuit that is still pending against the developer over a $100 million hack that occurred in June.
The post claims that the development team is inviting security specialists and ethical hackers to look for software bugs in its open-source code.
The most serious vulnerability that a white hat hacker discovers and reports to the team will win $100,000.
Any vulnerability of this kind is one that would permit “the ability to attack/drain a wallet without physical access, installed malware, or social engineering, indicating an actual over-the-internet attack and a flaw in our code or dependencies,” the announcement said.
A hacker will receive payment ranging from $500 to $10,000, contingent on the severity of the vulnerability, if they report bugs or flaws that do not meet this definition.
For instance, the article claims that hackers will receive $5,000 for finding a vulnerability classified as "high-risk" and $10,000 for identifying one classified as "critical-risk." One million dollars is the total bounty pool for all discoveries.
Konstantin Gladych, the creator of Atomic Wallet, asserted that the bug bounty program will contribute to the wallet's future security by saying:
“Recent events in the blockchain industry have once again reminded us that cybersecurity is a dynamic field, and the best way to stay ahead is by harnessing the creativity and expertise of the global community. We are confident and eager to see how this program will contribute to our mission of providing a secure and seamless user experience.”
A cybersecurity breach resulted in the theft of over $100 million worth of cryptocurrency from users of Atomic Wallets, according to a June report by blockchain analytics platform Elliptic.
According to a report from August, attack victims are suing Atomic Wallet as a class action to recover damages for the incident. Using the defense that it "has no ties" to the US, the developer has attempted to have a related lawsuit filed in the US state of Colorado dismissed.
Atomic Wallet has confirmed that certain users have reported missing money due to a cyberattack.
The attacks may have been caused by "a virus on user devices, an infrastructure breach, a man-in-the-middle attack, or malware code injection," according to the company, which claims that only 0.1% of users were impacted.
Sources:
https://cointelegraph.com/news/atomic-wallet-launches-1-million-bug-bounty-amid-hacking-lawsuit
