Hackers have accumulated a staggering $300 million in total rewards from HackerOne's bug bounty program, a platform that connects organizations with ethical hackers who identify vulnerabilities in their software. The company celebrated this achievement recently, highlighting that 30 hackers have each earned more than $1 million for their submissions, with one hacker surpassing $4 million in earnings for their bug reports.
This announcement coincided with the release of HackerOne's 2023 Hacker-Powered Security Report, which revealed that 55% of hackers anticipate generative AI to become a primary target in the upcoming years.
Chris Evans, HackerOne's CISO and Chief Hacking Officer, emphasized the growing importance of learning from hackers to stay ahead of evolving threats, especially in the context of organizations adopting generative AI to maintain a competitive edge. He noted that hackers are actively enhancing their skills to confront emerging threats, underscoring their critical role in helping customers identify and address security risks.
Google recently expanded its bug bounty program to encompass generative AI, recognizing its significance in the security landscape. Notably, hackers on the platform exhibit a particular interest in crypto and blockchain entities, primarily due to the substantial rewards they offer. This year's highest payout in this category amounted to $100,050.
In addition to perceiving AI as a growing threat, hackers themselves intend to employ AI in their daily activities. A survey revealed that 61% of respondents plan to utilize and develop hacking tools based on generative AI to discover more vulnerabilities, while 62% aim to specialize in the Open Web Application Security Project (OWASP) top 10 for LargeLanguage Models. Furthermore, hackers intend to leverage AI to enhance their report writing, coding, and mitigate language barriers.
HackerOne's security report drew insights from customer feedback and input from 2,000 hackers on the platform, compiled between June 2022 and September 2023.