To most people, a hacker is someone who breaks into systems and networks illegally. They are often judged as criminals and threat actors. But in fact, hackers can come in many forms, and those who work legally as hackers are called white hat hackers or ethical hackers.
These people are hired by someone or some companies to break into their systems and networks, and discover vulnerabilities or bugs. They can also work by on their own by hacking their way into systems and notify the owners without doing any damage.
This way, these ethical hackers work to make systems more secured.
In August 29th, HackerOne, a U.S.-based vulnerability coordination and bug bounty platform that connects businesses with penetration testers and cybersecurity researchers, announced that six hackers signed up to its bug bounty platform, and have earned more than $1 million each.
"HackerOne has half a million registered hackers, and 600 new people join every day," said Laurie Mercer, a security engineer at HackerOne, "and they have discovered over 130,000 vulnerabilities so far."
And Santiago Lopez, a 19-year-old from Argentina, was the first to make a million dollars in bounties.
According to Lopez:
"I am a completely self-taught hacker, and learned through the internet, online tutorials and by reading books."
His route into hacking was also inspired by watching the Hackers movie.
In 2015, Lopez signed up with the HackerOne platform and realized that he could make some money from his skills. He received his first bounty at the age of 16 in 2016. At that time, the price was just $50.
"It took me a long time to find my first vulnerability," Lopez recalls, "but with patience and effort it was achieved, and it was really worth it."
Since joining the platform, and until he became a millionaire, he has reported at least 1,600 flaws in software at firms such as Twitter and Verizon, and become its top ranked hacker internationally. Lopez who has only been coding for around four years until 2019, fended off competition from significantly more experienced and older hackers to secure the title.
"To me, this achievement represents that companies and the people that trust them are becoming more secure than they were before, and that is incredible. This is what motivates me to continue to push myself and inspires me to get my hacking to the next level."
“I wasn’t interested in money at first; I just wanted to learn. But then I found HackerOne and I discovered the bug bounty programmes. My life has changed a lot since I started using it.”
With the money he earned, Lopez has moved to his own house and bought two cars.
Ethical hacking has become a popular career path among the developer community, especially since big companies are having their own bounty programs that pay huge sum of money.
HackerOne’s 2019 annual report revealed that $19 million in bounties were paid out in 2018 alone, or nearly as much as during the previous six years combined.
"The perception of hackers is changing," said HackerOne’s community director Luke Tucker. "With the frequency of cyber attacks swelling to new highs, companies and government organisations are realizing that in order to protect themselves online, they need an army of highly skilled and creative individuals on their side - hackers. As more organisations embrace the hacker community, the safer customers and citizens become."
The first hacker to earn $2 million on HackerOne, was Cosmin Iordache, a.k.a. 'inhibitor181'.