According to a recent report, Aurora Labs has paid a total of 6 million USD to Pwning.eth. Pwning.eth, an ethical hacker, discovered a serious vulnerability in Aurora’s network not long ago. Interestingly, this vulnerability could have cost the company roughly 70,000 in Ethereum (ETH).
More details on the discovered network vulnerability
Today, we live in a digital world where the word “cyberattack” has become the norm. A recent study revealed an average of about 30,000 websites get hacked daily, and further studies reveal that a company falls victim to cybercrime every 39 seconds.
Although cybercrime is common today, top organizations are putting effective security measures in place to prevent various attacks from hackers. One of these measures requires the company to keep its software and systems fully updated. Another option is to consider employing the service of an expert ethical hacker.
Built on the NEAR protocol, Aurora Labs is an Ethereum Virtual Machine environment. It’s a Layer 1 open blockchain that offers solutions to the scalability issues that other blockchains, such as Ethereum, often encounter. EVM was designed to deliver a turn-key solution that enables developers to operate their apps on any Ethereum-compatible platform at low transaction costs.
According to this tweet, Aurora launched its bug bounty program on Immunefi in April. The program requires ethical hackers to look at the company’s code base and discover any available vulnerabilities. Pwning.eth was one of the few hackers that discovered a vulnerability in Aurora’s network. The white-hat hacker submitted the vulnerability via Immunefi.
According to reports, the discovered vulnerability included an infinite spend bug. This bug could have resulted in a total loss of 70 thousand ETH. Pwning.eth’s vulnerability discovery prevented hackers from attacking Aurora’s blockchain and acquiring user funds.
Pwning.eth receives 6 million USD for discovering the vulnerability
Frank Braun, the head of security at Aurora Labs, stated that the bug bounty program helped the company to understand how to reinforce its defense pipeline better. Here’s a brief of what Braun said:
“Our bug bounty program with Immunefi proved very valuable in incentivizing white hats to look at our code base and disclose bugs in a responsible manner. Such a vulnerability should have been discovered at an earlier stage of the defense pipeline and we have already started improving our methods to achieve that in the future. However, this event ultimately proves that our security mechanisms work.”
To reward Pwning.eth for their role in preventing a potential cyberattack on its EVM machine, Aurora has rewarded the white-hat hacker with a total of 6 million US dollars. This is not the first time Immunefi has helped ethical hackers earn various rewards via bug bounties. The platform noted that white hat hackers and security researchers on its platform have received a total of $40 million in bug bounties thus far.
