$6 Million Bug Bounty Paid to White Hat Hacker by Aurora and Immunefi

On June 7, Aurora, a DeFi-based decentralized application ecosystem based on third-generation blockchain technology, stated that it awarded an ethical security hacker dubbed pwning.eth $6 million. According to Aurora, this was the second-highest bug bounty that was ever paid in history.

The bug bounty was paid through the partnership with Web3's leading bug bounty platform named Immunefi.

Did you know?

Want to get smarter & wealthier with crypto?

Subscribe - We publish new crypto explainer videos every week!

Where to Trade Crypto: 3 Best Approaches Explained (Animated)

SUBSCRIBE

ON YOUTUBE

The “white hat” hacker revealed the critical vulnerability in the Aurora Engine way back in April. According to pwning.eth, this bug might have cost the ETH scaling solution more than $200M of its funds. Moreover, the vulnerability could have been exploited by various hackers to infinitely mint Ethereum (ETH) in the Aurora Ethereum Virtual Machine. In fact, the nested ETH pool reportedly had more than 70K ETH.

CEO and founder of Immunefi Mitchell Amador praised Aurora and the “white hat” hacker for such a fast response as no user funds were lost. On top of that, Frank Braun, the Head of Security at Aurora Labs, added that the ETH scaling solution would investigate the bug bounty initiative “as the last step in a layered defense approach and will use this bug as a learning opportunity to improve earlier steps, like internal reviews and external audits.”

The bug bounty initiative was fired up by Aurora in partnership with Immunefi precisely one week before the issue was identified. Immunefi also reported that it managed to successfully prevent more than $20B in potential damages. Communication Leads at Immunefi Jonah Micheals added:

“At a time of distrust in the markets, it’s important more than ever for Web3 projects to show that they take security seriously.”

Immunefi has supposedly paid out more than $40M in bug bounties and has over $145M bounties available.

Earlier this year, after suffering from a massive hack, Sky Mavis asked “white hat” hackers to identify any possible security vulnerabilities that may be present.

In other news, Aurora and Proximity labs launched a $90 million fund to boost DeFi development on the Near protocol.

Aaron S., Editor-In-Chief

Having completed a Master’s degree in Economics, Politics, and Cultures of the East Asia region, Aaron has written scientific papers analyzing the differences between Western and Collective forms of capitalism in the post-World War II era.
With close to a decade of experience in the FinTech industry, Aaron understands all of the biggest issues and struggles that crypto enthusiasts face. He’s a passionate analyst who is concerned with data-driven and fact-based content, as well as that which speaks to both Web3 natives and industry newcomers.
Aaron is the go-to person for everything and anything related to digital currencies. With a huge passion for blockchain & Web3 education, Aaron strives to transform the space as we know it, and make it more approachable to complete beginners.
Aaron has been quoted by multiple established outlets, and is a published author himself. Even during his free time, he enjoys researching the market trends, and looking for the next supernova.

Full Bio

All Expert Contributors & Analysts