NEWS

Hackers Discover 264 Vulnerabilities on Dropbox in One Day

Apr. 10, 2019

Hackers Discover 264 Vulnerabilities on Dropbox in One Day

Dropbox and HackerOne organized a single-day bug hunt that involved over 45 different hackers and paid out over $320,000 in rewards. Dropbox takes bug bounty programs very seriously because security and safety have always been a top priority; however, hackers were able to discover 264 different vulnerabilities inside the popular cloud platform. Dropbox also regularly conducts these bug hunts and it is an initiative that the company believes and trusts.

What is a Bug Bounty?

A bug bounty is a reward offered to a person who identifies an error or vulnerability within a computer program or network. HackerOne is a platform that has changed bug bounties and how hackers get rewarded, and as of right now there are over 390,000 registered hackers. More organizations, such as Dropbox, are participating in these bug bounties because it outlines threats and vulnerabilities in a network or system before they can be exploited by an attacker. Doing so also increases cybersecurity within the organization and makes all the networks or systems more secure.   

Rewards

Dropbox paid over $320,000 in rewards and in many different areas.

  • Remote Code Execution - $32,768
  • Significant Authentication Bypass - $17,576
  • Trivial Remote Code Execution in Dropbox App - $15,625
  • Cross-Site Request Forgery on Critical Actions - $13,824

SecureNinja is an award-winning training and certification school, and SecureNinja has a proven track record of assisting Fortune 100, Government, and Military organizations. For more information on how SecureNinja can benefit you or your organization fill out the form to the right of this post or visit secureninja.com/contact.