Whitehat Hacker Claims Record $1M+ Bug Bounty

Belt Finance has paid out the largest bug bounty ever recorded after a whitehat hacker reported a critical $60 million vulnerability.

A Big Bug Bounty

Whitehat Alexander Schlindwein has earned a record $1,050,000 bug bounty after reporting a critical Belt Finance vulnerability to Immunefi on August 10th, 2021. The vulnerability has now been patched.

An estimated $60 million of $BNB was at risk, but thanks to Schlindwein’s report the bug was never exploited. The $1.05 million payout comprises a $1 million reward from Belt Finance, with a further $50,000 from Binance Smart Chain’s Priority One scheme.

“This is the largest bounty we’ve ever paid out and the largest in DeFi, which effectively means the largest in the world,” tweeted Immunefi on September 30th.

Schlindwein has made quite the name for himself as a bug bounty hunter in 2021, reporting critical flaws to ArmorFi in February and Fei Protocol in May. Even before this latest report, his bounty fees were estimated to be around the $900,000 mark. Thanks to this most recent report, his bounty pool is set to more than double.

Immunefi have performed a detailed postmortem on the Belt Finance vulnerability | Source

Priority ONE

In a recent statement, Binance Smart Chain declared security to be priority one. Immunefi is one of the major players in the BSC Security Alliance alongside Binance Security, PeckShield, and CertiK.

As of August 2021, 90 Ethereum projects have hosted bug bounties via the Immunefi bounty program, compared to just 25 BSC projects. With a $60 million loss averted, the $1 million paid out by BSC project Belt Finance appears to be good business practice.

Immunefi invites all interested BSC projects to consider creating their own bug bounty program.

Source : bscnews

Leave a Reply

Your email address will not be published. Required fields are marked *