19-year-old makes millions from ethical hacking. The Argentine teenager has topped the charts when it comes to bug bounty hunting.
A 19-year-old has made over $1 million in his quest to find and report vulnerabilities in software and online services.
Santiago Lopez from Argentina, who operates under the moniker @try_to_hack, joined the bug bounty crowdfunding platform HackerOne in 2015. Since this year, Santiago has reported over 1,670 separate bugs which impact products offered by vendors including Verizon Media Company, Twitter, WordPress, and Automattic.
The self-taught hacker has shown what can be possible for white hat bug bounty hunters to achieve.
Lopez taught himself how to track down bugs, including some of the most well-paid vulnerabilities — such as Insecure Direct Object Reference (IDORS and Cross-Site Request Forgery (CSRF) security flaws — through Internet resources and YouTube videos such as these videos for IDORS and these videos for CSRF.
Before he knew it, he was being paid for his work in both private and public bug bounty programs, starting with $50 for a CSRF security flaw and leading to Lopez’ largest payout of $9,000 for a Server Side Request Forgery (SSRF) vulnerability in a private program. SEE ALSO: YouTube Videos on SSRF.
Lopez is now one of the top hackers in the HackerOne leaderboards in the 91st percentile for signal and 84th percentile for impact.
“I am incredibly proud to see that my work is recognized and valued,” the hacker says. “Not just for the money, but because this achievement represents the information of companies and people being more secure than they were before, and that is incredible.”
Lopez may have made his millions, but this does not mean the hacker plans to throw in the towel anytime soon.
“I’m sure that anyone who discovers bug bounty programs will soon too realize that it opens up new opportunities for both hackers and companies who are committed to security,” the hacker added.
Alongside the case study, HackerOne also released the firm’s 2019 Hacker Report. Based on a survey of 3667 bug bounty hunters on the platform, the research states that over $42 million to hackers over the duration of its inception, and $19 million of this amount was earned in 2018.
In total, 81 percent of those surveyed said they were self-taught; and 90 percent of hackers are under the age of 35, with 47 percent falling into the 18 – 24 category.
Websites appear to be the favorite option for bug bounty hunters. Over 70 percent of those surveyed said domains were their preferred subject for bug hunting, followed by APIs — 6.8 percent — data storage technology — 3.7 percent — Android applications, operating systems, and downloadable software.
WiFi Password Hacking for Beginners
Top Tools for Ethical hacking in 2020
Cybersecurity Analyst (CSA+) Exam Study Guide
Security experts say health care industry is prized target for cyber criminals
AI and Machine Learning Exploit, Deepfake Videos, Now Harder to Detect
Nissan follows Tesla’s lead and drops LIDAR from autonomous cars
iPhone Hacking Tool Used by FBI Up for Sale on eBay for $100
The Amazing Ways The Ford Motor Company Uses Artificial Intelligence And Machine Learning
Thousands of Android apps have been creating a permanent record of everything you do
ATM hacking has gotten so easy, the malware’s a game
IoT devices pose a significant cybersecurity risk than most realize
Hacker Lauri Love denied bid to get computers back
Networking The Complete Reference, Third Edition
Where automotive cyber security is headed
Magna’s new MAX4 self-driving platform offers autonomy up to Level 4
Social engineering is the new method of choice for hackers. Here’s how it works.
Hacking Autonomous Vehicles: Is This Why We Don’t Have Self-Driving Cars Yet?
New detection method identifies cryptomining and other fileless malware attacks
Russian hackers are eight times faster than North Korean groups
Hackers tried to steal €13 million from Malta’s Bank of Valletta
AI is the future: Microsoft wants to usher it in responsibly
Machine learning algorithms explained
Edmonton doctors, AI scientists team up with drug giant in health software project
Grand theft consciousness: How quantum algorithms will backdoor human-level AI
Ransomware attack forces Baltimore government to go manual
How to make Windows 10 look and feel like Windows 7
Google has created a maths AI that has already proved 1200 theorems
Tesla’s software lead is so big it should worry other automakers, AI expert says