The security race in the cryptocurrency world is reaching new heights with Atomic Wallet. The developer of this popular wallet app recently announced the launch of a $1 million bounty, a bold move aimed at bolstering the security of its software in the face of an ongoing lawsuit linked to a $100 million hack last June.
An invitation to security experts from around the world
According to the announcement, the development team is inviting ethical hackers and security experts from around the world to discover software bugs and security flaws in the wallet’s open source code. White hat hackers who identify the most serious type of vulnerability and report it to the team will receive a $100,000 reward. This category of vulnerability is defined as any flaw that allows “a wallet to be attacked/drilled without physical access, installed malware, or social engineering, indicating an actual attack via the Internet and a flaw in our code or dependencies”, the announcement states.
If a hacker reports bugs or flaws that don’t meet this definition, he or she will receive between $500 and $10,000, depending on the severity of the vulnerability. For example, the post indicates that hackers will receive $5,000 for the discovery of a “high-risk” vulnerability and $10,000 for a “critical” vulnerability. The total prize pool for all discoveries is set at $1 million.
Commitment to future portfolio security
Konstantin Gladych, founder of Atomic Wallet, says the bug bounty program will help ensure the wallet’s security in the future. He says: “Recent events in the blockchain industry remind us once again that cybersecurity is a dynamic field, and the best way to stay ahead is to harness the creativity and expertise of the global community. We’re confident and eager to see how this program will contribute to our mission of providing a secure and seamless user experience.”
In June, blockchain analytics platform Elliptic reported the theft of over $100 million in crypto-currency from Atomic Wallet users following a cybersecurity attack. In August, a report indicated that victims of the attack were filing a class action lawsuit against Atomic Wallet, claiming damages for the incident. The developer has sought to dismiss a similar action brought in the US state of Colorado, claiming it “has no connection” with the US.
Atomic Wallet acknowledges that some users have reported the loss of funds following a cybersecurity attack. According to the company, the attacks only affected 0.1% of users and could be due to “a virus on users’ devices, an infrastructure breach, a man-in-the-middle attack or malicious code injection.”
