P0rnHub revamps bug bounty, back pays cash, hires staff, after criticism

Hackers get 'exclusive' PornHub tees

Pornhub is paying thousands of extra dollars to researchers who have already submitted vulnerabilities under its bug bounty program as part of an overhaul.

The adult megasite draws a blistering 60 million visitors a day and pays up to US$34,764 (£17,016, A$34,767) for the worst bugs and as little as US$50 for small vulnerabilities.

It has now upped the payments of various bugs since it launched the program earlier this month, and is retrospectively paying additional cash to researchers who have already submitted and been paid for flaws.

It says it has received thousands of submissions since the program launched.

Of those some researchers critcised the site for paying too little for bugs, the most recent triggering a revamp to the amount of cash paid out for flaws.

Feature: The bug bounty boom.

PornHub told El Reg it is also immediately increasing its bug bounty staff numbers and responsiveness to reports.

"This is our first bug bounty program and it has been quite a learning experience for us," PornHub says.

"We have modified the payout table to better align with the other public bounty programs.

"We want to be fair with every researchers, and as such we have retroactively credited all past submissions according to the new payout table."

It has published a value chart so that researchers know how much a vulnerability class is worth, and added more detail to what bugs are in scope.

Its Premium service has also been included in the bug bounty, and all researchers who submitted bugs will now be paid.

Bug hunters will also be able to rock an exclusive Pornhub bug hunter tshirt.

"Pornhub employees don't even have this shirt," the company says.

"We truly believe a successful bug bounty program require happy and motivated researchers." ®

Sponsored: The Joy and Pain of Buying IT - Have Your Say


Biting the hand that feeds IT © 1998–2017