Crypto Finance Firm Offers $2m Bug Bounty to Hackers
Qubit Finance confirmed last week that an attacker had successfully exploited a vulnerability in its QBridge deposit function, managing to steal a large amount of Ethereum. The attacker was then able to convert the Ethereum into Binance coins with a value of tens of millions of dollars. The decentralized lending platform is now offering hackers a multimillion-dollar bug bounty in return for the stolen funds. In addition, the company pleaded with its attacker to return the funds before the firm took further action. The company stated that the loss of funds had a profound effect on thousands of real people.
Qubiit stated that the firm would offer a maximum bug bounty and drop charges if the attacker returned the funds. The bounty was increased to $1 million first, then $2 million on Sunday. It remains unclear whether the tactic was to buy investigators additional time, or if the firm would consider handing over millions to a cybercriminal that had stolen from them already. The firm is working on a new site that will enable affected users to access their digital wallets and file reports with local police. However, they have little hope of getting their money back unless the bug bounty works.