A 19-year-old Argentinian has become the first person to earn more than a million dollars from ethical hacking, according to the bug bounty platform HackerOne.
Santiago Lopez, who has only been coding for around four years, fended off competition from significantly more experienced hackers to secure the title.
Since joining the platform in 2015, he has reported 1,600 flaws in software at firms such as Twitter and Verizon, and become its top ranked hacker internationally.
Sign up to Emerging Threats, our weekly cyber security newsletter
“I do not have enough words to describe how happy I am to become the first hacker to reach this landmark,” said Lopez. “I am incredibly proud to see that my work is recognised and valued.”
“To me, this achievement represents that companies and the people that trust them are becoming more secure than they were before, and that is incredible,” he added. “This is what motivates me to continue to push myself and inspires me to get my hacking to the next level.”
Speaking to NS Tech last year, Lopez revealed he taught himself how to hack using online tutorials. “I wasn’t interested in money at first; I just wanted to learn. But then I found HackerOne and I discovered the bug bounty programmes. My life has changed a lot since I started using it.”
Lopez has moved house and bought a car since joining the platform. But when he was interviewed by NS Tech last year, he was unsure about his long-term plans, saying he could stay in Argentina and earn “good money” or “maybe go to work for a company in San Francisco”.
Ethical hacking has become a popular career path among the developer community in recent years, with companies offering significant payouts to those who find vulnerabilities in their software. HackerOne’s latest annual report reveals that $19m in bounties were paid out last year alone, nearly as much as during the previous six years combined.
“The perception of hackers is changing,” said HackerOne’s community director Luke Tucker. “With the frequency of cyber attacks swelling to new highs, companies and government organisations are realising that in order to protect themselves online, they need an army of highly skilled and creative individuals on their side — hackers. As more organisations embrace the hacker community, the safer customers and citizens become.”