Skip to main content

Bug Bounty Hunters: Fake or Fame ?

 


 

With the evolvement of the internet, we need someone who can identify the errors or the vulnerabilities in a website, computer or a system. The reward given to a person for identifying them is known as bug bounty. Over these 4 decades, the bug bounty industry has grown and still continues to grow at a rapid speed.

Bug bounty hunters are earning enough by hacking into the systems or websites and identifying the specific errors or vulnerabilities of the website ethically and responsibly.  In return they rewarded in different forms and the reward varies on different platforms for different vulnerabilities based upon its severity. A few bug bounty hunters have started mentoring new upcoming talent and they use various platforms to promote themselves to attract the students. Out of them a few are manipulating the screenshots of the rewards which will misguide the students. A fake bug bounty hunter manipulates their actual reward to a much higher value which is fake. For example: If a bug hunter is getting a reward of 100$ for subdomain takeover, they manipulate it by increasing it to 10,000$ and changing the name of the vulnerability to account takeover. This misguides the student that the bug hunter has earned a bounty of 10,000$ and they believe that the fake screenshot is authentic and they get fascinated and keep on sharing it. This is a kind of unethical practice by the bug bounty hunter to gain fame & to attract more students.

The upcoming students feel that someone who is on a good level can also help them reach at that level but the truth is different ways and they get misguided. The bug bounty hunting is supposed to be ethical and should be done in order to make internet a safer place for the users. The students should be aware and should check the authenticity for any screenshots shared on various unverified platforms.

 

                                                                                                            By: Kartik Khurana

                                                                                                (Pursuing B.E, AIT, Bengaluru)

Stay connected with us: www.worldcybersecurities.com

To get latest updates on various cyber related events & other things, you can join our Whatsapp group/Telegram Channel

Labels:

Comments

  1. Vaibhav Singh2:47 PM

    Really informative and well researched blog.

    ReplyDelete
    Replies
    1. Naresh Jakhar3:53 PM

      It should be taught in university's classes

      Delete
    2. Unknown11:42 AM

      I second that!

      Delete
  2. Shubham Nayak4:01 PM

    Indeed over the years, the bug bounty programs have grown exponentially but exactly as stated above it must never be used for unethical purposes.

    ReplyDelete
  3. Chinmayee kulkarni9:44 AM

    Bug bounty programs/ hunting can be considered as a way forward for identifying the cyber criminals and threats. In my opinion, this technique must be exponentially known to all the citizens in order to understand the relief which they can get if they are stuck in this cyber trap. A committee must be organized for the same purpose so that the disadvantage of this mechanism will not occur and will take place smoothly.

    ReplyDelete
  4. Atharva Dutt Pandey5:31 PM

    It is very important for students to research intensely on the topic if they really find the job interesting. This blog certainly paves the way ahead towards informing them.

    ReplyDelete
  5. Sharanya2:59 PM

    The bug Bounty is rapidly increasing and it can be both fake or good. We as Students should be aware of the information being shared and check the authenticity of every screenshots available. Very nicely written.

    ReplyDelete
  6. vicky kumar8:32 PM

    Bug Bounty benefits both companies and individuals. But some people edit their bounty to get more fame because they have to showcase their skill.

    ReplyDelete

Post a Comment

Popular posts from this blog

UNESCO Guidelines on Generative AI in Schools

The advent of artificial intelligence has assumed prominence amongst all industries and various facets of people's personal lives. The integration of AI in education has been inevitable, given the significance and role of information, knowledge production and administration in the sector. This is especially so as its capabilities entail replicating higher-order thinking. Besides assisting in the education process, it also brings the element of real-life relevance, allowing education to be imparted against the backdrop of the evolving world due to the same AI. It tends to have implications on the subject matter that needs to be imparted, which tends to be something that constantly needs to answer the question of "Why and how is this particular subject matter relevant for learning?".  This induces policy-makers and educational institutions to rethink what they need to impart as knowledge, the area of matter, and the manner of thinking to be emphasised. This is because educa
Post a Comment
Read more

Dark Web: Safe or unsafe? Truth Revealed!

  The dark web is the part of the internet that is not visible to search engines. With the advancement in technology, digitization has resulted in different types of attacks. We can talk to anyone as long as we have an internet connection. The main concern is with privacy and anonymity in mind.  A team of computer scientists and mathematicians working for one branch of the US navy which is known as the Naval Research laboratory (NRL), developed a new technology known as Onion Routing. It allows anonymous communication where the source and destination cannot be determined by the third party. A network using the Onion Routing technique is classified as Darknet. The NRL released the Onion Routing Technique and it became The Onion Router, also known as TOR. Advantages of Dark Web  Humans are allowed to hold privacy and express their views freely. Privacy is considered to be critical for honest persons through the different criminals and stalkers.  The growing tendency of employers to track
4 comments
Read more

Need for Anti-Spam Laws in India: Comparative Analysis

  Introduction Spam is unsolicited, usually commercial messages (such as e-mails, text messages, or internet postings) sent to a large number of recipients or posted in a large number of places. The spamming activity is usually considered to cause a lot of nuisance and mental annoyance. Spamming is carried out with the help of an electronic mechanism to send unsolicited messages and advertisements. It can also be termed “An unsolicited e-mail” from which the sender attempts to gain an advantage. "India is the seventh biggest spammer in the world 7.8 billion spam e-mails sent in past 24 hours". It’s high time that India has to come up with its legislation to curb the activity.  The author will also argue the need for anti-spam legislation in India with a comparative analysis of various other jurisdictions. Why is it a concern? The term spam emerged due to the spread of unsolicited commercial messages in the internet space. The main challenge is that it has varied charact
1 comment
Read more