Rockstar has recently jumped on an increasingly common and accepted way of discovering and ironing out vulnerabilities and bugs in websites that their own teams cannot find: hire the very people trained to exploit these vulnerabilities. In an ad posted to the site HackerOne, Rockstar is offering bounties for any bugs reported on a number of their sites.
A minimum reward of $150 is paid for any issue that is reported for the first time, with even greater rewards offered for more serious vulnerabilities. In fact, these seem to be in the majority, as the average bounty awarded is sitting at $500 right now, with over $100,000 paid in total.
HackerOne is a freelancing site dedicated to ethical, or so-called “white-hat”, hackers. Various companies post bounty programs, define the scope of said program (which domains/products it entails) and encourages people with technical know-how to circumvent the security systems.
Of course, there are a few rules that users need to adhere to. There is a long list of issue-types that are not applicable, including those which are particularly minor and don’t warrant a $150 reward, as well as those which are less than 24-hours old since Rockstar’s own team might still catch them. Submitters must also provide some documentation on the bug and instructions to replicate it.
They’re also required to use their own accounts, or dummy-accounts made specifically for testing purposes. Naturally Rockstar wouldn’t encourage and reward the breach of their customers’ accounts in the name of security, since it would be a tad scandalous.
Unfortunately, this bounty program extends to a certain number of domains only, so bug and exploit hunting inside any of the developer’s game won’t get you any bounty rewards for these discoveries. The list of domains which are included in the scope of this program are as follows:
Recently, directed hacks targeting game companies have been on the rise, and with GTA 5 being consistently one of the best selling games each consecutive month, if a vulerability arose in the Social Club, for instance, hackers could acquire immense amounts of information.
With various attacks in the past few years including things such as that massive PlayStation network hack, game companies are on high alert to avoid similar attacks sullying their name. Of course, these are just the hacks we know about – who knows how many were kept under wraps.
White-hat hacking has been an increasingly popular profession. Anyone familiar with programming will know that the general approach to hacking is different when doing regular coding, even if the tools you use are the same. Hiring ethical hackers to unveil vulnerabilities is a great opportunity for companies like Rockstar to tighten security while outsourcing these tasks to talented individuals who are aptly compensated for their skills.
The game itself, GTA Online, is still suffering from the presence of various hacks on PC, even though the situation is far better now than it ever was in the past. Hacking on the previous generation consoles is pretty rampant due to the hardware of those systems having been cracked ages ago, however now that Character Transfers have been ceased the only method of hacking on Xbox One and PlayStation 4 is solved.
If any of you guys are budding – or experienced – ethical hackers, you’re looking at an opportunity to not only make it less likely that your personal data on Rockstar’s sites will be stolen, but are looking to earn from the venture as well. We encourage you all to partake in this bounty program!
What do you think? Sound off below!