SecureWorld News

Porn Site Gets Serious About Cybersecurity: $25,000 Up for Grabs

Written by SecureWorld News Team | Thu | May 12, 2016 | 6:17 PM Z

I'm going out on a limb here, but I'm guessing that finding security flaws is not the reason most people visit adult website Pornhub. In fact, adult websites are usually a safe haven for everything anti-security. However, if you're good at exposing flaws and hacking into websites, then you'll want to hear this. 

The site is offering up to $25,000 to anyone who can expose vulnerabilities. The website launched the "bug bounty program" on hackerone.com

The website reads: "Security is a top priority at Pornhub. We strive to work with skilled security researchers to improve the security of our service. If you believe you've found a security bug in the services listed in our scope, we will be happy to work with you to resolve the issue promptly and ensure you are fairly rewarded for your discovery."

What are researchers looking for?

Researchers are looking to find any security issues that have not yet been exposed. The site lists this specific list of qualifications for the bounty program.

  • Any vulnerability found must be reported no later than 24 hours after discovery.
  • You are not allowed to disclose details about the vulnerability anywhere else.
  • You must avoid tests that could cause degradation or interruption of our service.
  • You must not leak, manipulate, or destroy any user data.
  • You are only allowed to test against accounts you own yourself.
  • The use of automated tools or scripted testing is not allowed.

How much $$$ is up for grabs?

The program states that rewards start at $50, and max out at $25,000. The program states that Pornhub will dish out rewards based on the severity of the vulnerability, and that reward amounts are entirely at the discretion of Pornhub. If you find a flaw and are wondering what to do next, then the website lists a step-by-step guide. 

  • Be the first to report a vulnerability.
  • Send a clear textual description of the report along with steps to reproduce the vulnerability.
  • Include attachments such as screenshots or proof of concept code as necessary.
  • Disclose the vulnerability report directly and exclusively to us.
Like most programs, there is a long list of exceptions. So before you get to work on hacking into the porn site, be sure to check out the entire list of qualifications. Happy hacking, and good luck! 
View full post