LINE Launches HackerOne Open Bug Bounty Program
LINE Corporation, Japan-based communication, today announced the launch of a public bug bounty program on the HackerOne site for pentest and HackerOne bug bounty.
Started in 2011, LINE became one of the world’s largest social platforms with hundreds of millions of users worldwide.
After the private bug bounty program was started on HackerOne in July 2019, LINE is now inviting all contributing hackers on the LINE core messager app and web domains to discover security vulnerabilities.
The private program has already proven successful, says the company, paying almost $30,000 in bug bounty rewards over four months and growing participation from hackers around the world.
Since June 2016, LINE has run its own bug bounty program. In combination with the recent privately-held HackerOne programme, over 1,000 vulnerability reports have been submitted and over $300,000 in bonuses paid.
With the introduction of the new public programme, the company has revealed that its entire bug bounty ecosystem is being transitioned to HackerOne.
“We are delighted to move to the HackerOne platform to increase our visibility and increase the number of high-quality reports we get. We wanted a convenient way to disclose this information, as transparency in security issues is very important to us, “said Naohisa Ichihara, head of the cyber security department at LINE.
The group of HackerOne has expanded to over 570,000 registered hackers, who are all welcome to participate in LINE’s bounty program for public bug issues. True reports of weakness could lead to currency losses of between $500 and $30,000.
LINE assets cover the application (iOS, Android, Chrome, MacOS and Windows) and web domain applications (store.line.me, news.line.me, music.line.me and live.line.me). LINE assets cover the program.
HackerOne disclosed in its Hacker Powered Security Report of 2019 that six of its registered hackers have already received over one million dollars of lifetime bug bounties and that over 50 hackers have won over $100,000 of bounty benefits on the site.
HackerOne has opened its head offices in Singapore earlier this year with leading clients in the country, including the Ministry of Defense in Singapore (MINDEF), GovTech Singapore, Xiaomi, Zomato, Toyota, Nintendo, Grab and Alibaba.
During a live hacking event in Singapore in March, Dropbox paid more than $300,000 to participating hackers in bug bounces.
The ICS Cyber Security Conference, which serves critical infrastructure and industrial Internet participants in the APAC region, will also be held in Singapore.