(Image: HackerOne YouTube)
You can make a lot of money as an ethical hacker. Just ask Santiago Lopez, a 19-year-old Argentinian.
Lopez is the first person to exceed $ 1 million in rewards on HackerOne, a bug bounty platform that offers money in return for discovering security vulnerabilities in the computer systems of participating companies.
Since joining HackerOne, he has discovered more than 1,670 security vulnerabilities in products and services from Verizon, Twitter, WordPress, and government offices.
He’s a self-taught hacker who started just three years ago reading blogs and watching YouTube videos. But what interested him in the field was a film from the 90s.
“I didn’t even know he existed until I saw the movie The Pirates, which opened up a whole new world for me, “he said in a Q&A with HackerOne.” As I learned more, I realized I was naturally drawn to types of challenges and problem-solving opportunities associated with hacking. “
Lopez didn’t find his first software bug until he was 17, and even then he only received $ 50. But over time, he honed his skills and focused on “finding as many bugs as possible in a short period of time,” he told HackerOne.
“I know they say quality over quantity, but quantity is what I like,” he said. “I consider hacking to be normal work, so I tend to hack between 6 and 7 hours a day.”
Recommended by our editors
The biggest bounty he ever received was $ 9,000 for a server vulnerability that could allow remote takeover. However, it specializes in finding software bugs that can allow hackers to bypass normal application processes to access protected resources, such as database files and records.
“Yes, my friends and family know I’m a hacker,” Lopez added. “The first time I told them, they couldn’t believe it. They saw the hacker as a bad person who stole from people. They didn’t think it was possible that a hacker could be good and win. money legally. “
So far, HackerOne has awarded over $ 45 million in bug bounties. Days after Lopez became the first person to break the million dollar mark, another hacker on the platform, Mark Litchfield, also surpassed the bug bounty rewards total of $ 1 million.
Do you like what you read ?
Sign up for Security watch newsletter for our best privacy and security stories delivered straight to your inbox.