19-year-old makes millions from ethical hacking. The Argentine teenager has topped the charts when it comes to bug bounty hunting.

A 19-year-old has made over $1 million in his quest to find and report vulnerabilities in software and online services.

Santiago Lopez from Argentina, who operates under the moniker @try_to_hack, joined the bug bounty crowdfunding platform HackerOne in 2015. Since this year, Santiago has reported over 1,670 separate bugs which impact products offered by vendors including Verizon Media Company, Twitter, WordPress, and Automattic.

The self-taught hacker has shown what can be possible for white hat bug bounty hunters to achieve.

Lopez taught himself how to track down bugs, including some of the most well-paid vulnerabilities — such as Insecure Direct Object Reference (IDORS and Cross-Site Request Forgery (CSRF) security flaws — through Internet resources and YouTube videos such as these videos for IDORS and these videos for CSRF.

Before he knew it, he was being paid for his work in both private and public bug bounty programs, starting with $50 for a CSRF security flaw and leading to Lopez’ largest payout of $9,000 for a Server Side Request Forgery (SSRF) vulnerability in a private program. SEE ALSO: YouTube Videos on SSRF.

Lopez is now one of the top hackers in the HackerOne leaderboards in the 91st percentile for signal and 84th percentile for impact.

“I am incredibly proud to see that my work is recognized and valued,” the hacker says. “Not just for the money, but because this achievement represents the information of companies and people being more secure than they were before, and that is incredible.”

Lopez may have made his millions, but this does not mean the hacker plans to throw in the towel anytime soon.

“I’m sure that anyone who discovers bug bounty programs will soon too realize that it opens up new opportunities for both hackers and companies who are committed to security,” the hacker added.

Alongside the case study, HackerOne also released the firm’s 2019 Hacker Report. Based on a survey of 3667 bug bounty hunters on the platform, the research states that over $42 million to hackers over the duration of its inception, and $19 million of this amount was earned in 2018.

In total, 81 percent of those surveyed said they were self-taught; and 90 percent of hackers are under the age of 35, with 47 percent falling into the 18 – 24 category.

Websites appear to be the favorite option for bug bounty hunters. Over 70 percent of those surveyed said domains were their preferred subject for bug hunting, followed by APIs — 6.8 percent — data storage technology — 3.7 percent — Android applications, operating systems, and downloadable software.

Related Videos:

Related Links:

WiFi Password Hacking for Beginners(Opens in a new browser tab)

Nissan follows Tesla’s lead and drops LIDAR from autonomous cars(Opens in a new browser tab)

iPhone Hacking Tool Used by FBI Up for Sale on eBay for $100(Opens in a new browser tab)

The Amazing Ways The Ford Motor Company Uses Artificial Intelligence And Machine Learning(Opens in a new browser tab)

Thousands of Android apps have been creating a permanent record of everything you do(Opens in a new browser tab)

ATM hacking has gotten so easy, the malware’s a game(Opens in a new browser tab)

IoT devices pose a significant cybersecurity risk than most realize(Opens in a new browser tab)

Hacker Lauri Love denied bid to get computers back(Opens in a new browser tab)

Networking The Complete Reference, Third Edition(Opens in a new browser tab)

Where automotive cyber security is headed(Opens in a new browser tab)

Magna’s new MAX4 self-driving platform offers autonomy up to Level 4(Opens in a new browser tab)

Social engineering is the new method of choice for hackers. Here’s how it works.(Opens in a new browser tab)

Hacking Autonomous Vehicles: Is This Why We Don’t Have Self-Driving Cars Yet?(Opens in a new browser tab)

New detection method identifies cryptomining and other fileless malware attacks(Opens in a new browser tab)

Russian hackers are eight times faster than North Korean groups(Opens in a new browser tab)

Hackers tried to steal €13 million from Malta’s Bank of Valletta(Opens in a new browser tab)