Appearance
photo 2 options
  • Logo

    Uploading…
    Photo Uploaded
    Error!
  • Footer Logo

    Uploading…
    Photo Uploaded
    Error!
color 6 options

Success!

Your settings have been saved.

Technology PopWrapped | Technology

Pornhub Will Pay $25,000 To Whoever Can Hack Their Website

Roxanne Powell | PopWrapped Author

Roxanne Powell

05/23/2016 6:08 am
PopWrapped | Technology
Pornhub Will Pay $25,000 To Whoever Can Hack Their Website | pornhub
Media Courtesy of wallpaperup.com

One of the most popular pornography websites, Pornhub, has launched a "bug bounty program for security researchers and bug hunters who can find and report security vulnerabilities on its website."

It comes as no surprise that with the increase in cyber attacks, even Pornhub (PH) is afraid of a data breach. To prevent this from happening, PH is prepared to pay a sizable reward to whoever can crack their website and give them details on how to fortify themselves against future, legitimate attacks.

While PH has a large library of free-to-play videos, users have the option of becoming Premium members in order to access more exclusive content without advertisements.

Along with HackerOne, PH will pay independent security researchers and bug hunters anywhere between $50 to $25,000 to find vulnerabilities. The hunter will be paid depending on the impact of the vulnerability.

HackerOne, "a bug bounty startup that operates bug bounty programs," has worked similar deals for other big companies like Yahoo, Twitter, Slack, Dropbox, Uber, General Motors, and even the Department of Defense's Hack the Pentagon initiative.

"Like other major tech players have been doing as of late, we’re tapping some of the most talented security researchers as a proactive and precautionary measure – in addition to our dedicated developer and security teams – to ensure not only the security of our site but that of our users, which is paramount to us," said PornHub Vice President Corey Price.

"The brand new program provides some of our developer-savvy fans a chance to earn some extra cash – upwards to $25K – and the opportunity to be included in helping to protect and enhance the site for our 60 Million daily visitors."

So how do you earn the maximum reward? Well, for starters, PH and HackerOne want all researchers and hunters to meet these requirements:

  • Be the first to report a security bug directly related to the company infrastructure.

  • Send a description of your bug report, explaining the type of vulnerability and how it works.

  • Include screenshots and proof of concept code to substantiate your claim.

  • Disclose your finding directly and exclusively with Pornhub.

So no funny business or backhand dealings. Any major breaches in their security or firewall could have dire consequences for the PH website, not to mention Premium user data.

"Vulnerabilities such as cross-site request forgery (CSRF), information disclosure, cross domain leakage, XSS attacks via Post requests, HTTPS related (such as HSTS), HttpOnly and Secure cookie flags, missing SPF records and session timeout will not be considered for the bounty program."

PH and HackerOne are still beta testing their bounty program and are only accepting researchers and hunters by invitation. According to the official program page, PH's feedback page has been excluded from the bounty program as of mid May.

You can read the complete details about the bounty program's scope, eligibility, and rewards, as well as exceptions and rules HERE.

Do you think you have the skill to crack Pornhub?


Share


Are you sure you want to delete this?

ConfirmCancel