“On one of the programs, one of the big bugs was $150,000. Previously, nine of us cleared $750,000 in a weekend. It’s colossal sometimes,” said hacker BusesCanFly.
Neiko, a hacker who originally got into hacking by breaking into cars, said that a team of 10 people worked for four days to get $800,000, which is around $80,000 each.
The first bug Neiko found involved a $30,000 split between a team of three. The second team consisted of five people, each making $10,000.
With a modest lifestyle, $100,000+ could set you up quite nicely for a while. But, if you’re consistent and capitalize on the big bugs, you’ll win the big bucks.
“I’ve heard of some people making billions of dollars from it, and they’re just set for life,” Neiko said.
But can you make a living by catching bugs?
Well, if you know how to do it and you enter into the right bug bounty programs with high-paying clients, there’s no reason not to.
The hackers we interviewed in our latest Cybernews documentary have collectively made around $100 million from bug bounty hunting.
Hacking has evolved from a hobby into a career where hackers can earn a comfortable living without risking their freedom.
Bug bounties, as Bryce Case Jr., aka YTCracker, said, "keep all the nerds out of jail and get them a good paycheck.”
This is because hackers are needed to protect the cybersecurity landscape, and protecting companies and corporations from malicious hackers is expensive.
Earlier this year, Gartner forecasted that information security spending will grow by 15% in 2025 and that by the end of this year, security spending is expected to reach almost $184 billion globally.
This is unsurprising as the threat intelligence landscape is becoming riddled with malicious actors looking to capitalize on bugs that companies didn’t even know existed.
Cybercriminals are quickly exploiting vulnerabilities, as Google Mandiant has reported.
The majority of vulnerabilities analyzed by the cybersecurity company (97%) were zero-days, meaning that cybercriminals exploited these bugs before anyone had time to patch them.
As cybercriminals are increasingly exploiting zero-days, it's important to have ethical hackers who can clear these bugs before any attacker can get their grubby fingers on them.
That’s where bug bounty hunters come in.
But it’s not cheap work.
In the Cybernews documentary, we encounter bug bounty hunters who are responsible for ensuring that the companies they work for don’t have any nasty bugs that could be exploited by adversaries.
But this job comes with a pretty big price tag. You see, bug bounty hunting can be a long, laborious task that can sometimes take hours, days, or even longer. So, it’s natural that these vulnerabilities come with a big reward.
For single bugs, the cost can be up to a quarter of a million dollars, depending on how much time and effort is required to find them.
Your email address will not be published. Required fields are markedmarked