Coinbase Pays Hacker $30,000 for Discovering a Critical Vulnerability

Popular US-based cryptocurrency exchange Coinbase has recently paid a hacker $30,000 for discovering a critical vulnerability on its platform that, according to a company representative, has already been fixed.

The flaw was revealed earlier this week on Coinbase’s vulnerability disclosure program on HackerOne, a website that sees various firms pay white hat hackers for help patching security vulnerabilities. Speaking to the Hard Fork, a Coinbase spokesperson reportedly revealed the vulnerability has been fixed.

While details about the vulnerability haven’t been disclosed, the high $30,000 bounty reveals it was a severe one that could’ve had severe consequences. The US-based cryptocurrency exchange has a four-tier reward system, that pays between $200 and $50,000 depending o the vulnerability’s severity.

Coinbase determines severity based on impact and exploitability. For a bug to be critical, it must allow hackers to “read or modify sensitive data in a system, execute arbitrary code on the system, or exfiltrate digital or fiat currency in some way.”

The cryptocurrency exchange paid the hacker shortly after it launched an option for Coinbase Wallet users to backup an encrypted copy of their private keys to the cloud (iCloud or Google Drive, depending on users’ operating systems).

Since the recently found – and allegedly fixed – bug was deemed critical, it likely allows hackers to “unilaterally” exploit it without finding “significant roadblocks or special conditions” outside their controls. While this was the only large bounty awarded, Coinbase handed out several smaller one this week.

Bug Bounties In Crypto

Bug bounties in the cryptocurrency space are nothing new. Last year, Coinbase notably awarded a hacker $10,000 for finding a bug that allowed users to reward themselves with unlimited Ethereum.

In fact, as CryptoGlobe covered, cryptocurrency-related bug bounties have been profitable for security researchers looking to help firms within the industry, as last year they netted them nearly $900,000.

Available data shows that this year Block.one, the company behind EOS, has already handed out over $80,000 in bug bounties to hackers who found vulnerabilities.

Switzerland's Largest Online Retailer is Now Accepting Cryptocurrency Payments

Digitec-Galaxus, Switzerland’s largest online retail company, has reportedly decided to start accepting bitcoin (BTC) payments.

Digitec and Galaxus customers can now pay for goods and services with bitcoin and a few other major cryptocurrencies. In addition to BTC, users can make payments in XRP, ETH, Litecoin (LTC), Tron (TRX), OmiseGo (OMG), and NEO.

Digitec and Galaxus’ online retail outlets will also be taking payments in Bitcoin “Satoshi Vision” SV (BSV), Bitcoin Cash (BCH), and Binance Coin (BNB). Commenting on the Swiss retailer’s decision to start accepting cryptos, Oliver Herren, the co-founder and CEO of Digitec, remarked: 

Cryptocurrencies are fascinating and could become a relevant means of payment in e-commerce. We would like to support this development. We wanted to do that for a long time.

Coinify Will Help Convert Crypto Transfers To Swiss Francs

Herren added that Digitec decided to take cryptocurrencies as payment because people may have invested in them and they may want to use them. “Or because you cannot turn them into real money [since] your bank does not accept it. Or maybe just because you ...  like to try new things,” Herren said.

According to Switzerland’s e-commerce giant, it wants to encourage millennials, who may be heavily invested in the blockchain space, to start using cryptocurrencies for practical purposes such as paying for everyday goods and services. Price volatility of cryptocurrencies may not be an issue as Digitec and Galaxus will immediately convert crypto payments to Swiss francs using Coinify’s services, a third-party payment processor.

At present, crypto payments are only available for Switzerland-based users, however the company has said that it might allow customers in other areas to pay with crypto if their initial effort is successful.

Danish Food Takeaway Outlet Accepts Bitcoin Payments For Its 1500 Restaurants

In December 2018, Hungry.dk, one of the largest online food portals in Denmark, started accepting Bitcoin again. The food takeaway company handles orders from more than 1,500 restaurants in Denmark and had been accepting BTC payments since 2014. However, it had decided to stop taking crypto payments in late 2017 due to very long transaction processing times.

A representative from Hungry.dk noted (last year): 

We have accepted Bitcoins as a payment method for quite some time. We decided to remove the feature temporarily last year though because the average transaction time took too long, and the experience wasn’t the best.