There is a new type of bounty hunting where the work can be done without stepping out of the house. Cyber bounty hunting has become a lucrative career for those who have the ability to find security vulnerabilities in the computer networks of large corporations.
Twenty-one-year-old Nathaniel Wakelam earned over $20,000 in just one month and says he can usually clear $250,000 per year. Wakelam began his career at the age of 18 and does most of his work at home or in the local coffee shops of Melbourne, California.
Companies like Microsoft, Tesla, Google and Apple offer prizes to bounty hunters to find vulnerabilities in their software. The prizes are part of corporate bug bounty programs or vulnerability rewards programs (VRP) which pay individuals to find bugs in software programs. Prizes can be as high as $200,000.
The US Department of Defense (DoD) implemented a similar program in March when 58 participants were invited to find vulnerabilities in its security. The program, called Hack the Pentagon, yielded 134 vulnerabilities during a three week period and paid out over $70,000 in bounties.
David Dworken, a 2016 high school graduate, received a personal invitation by the Pentagon to participate in the program. On his very first day he found six vulnerabilities. Dworken became a bounty hunter after successfully hacking his school’s website at just 16-years-old. He began collecting bounties within two years of the hack and has collected money and even airline miles using his cyber skills.
Facebook has paid more than $4.3 million in fees to bounty hunters since 2011 when they first launched their bug bounty program. More than 800 bounty hunters from 127 countries have participated in the program. In May, a 10-year-old boy from Finland found a vulnerability in Instragram’s code and was awarded $10,000.
For bounty hunters, the appeal is in the problem solving, but the monetary rewards sure don’t hurt.