hamzab3t
@bbhunterb3t
information security, bugs hunting and stuff.
Joined June 2014
1K Following, 422 Followers

I Saved Injective's $500M. They Pay Me $50K.
I like hunting bugs on @immunefi. I'm decent at it.
- #1 — Attackathon | Stacks
- #2 — Attackathon | Stacks II
- #1 — Attackathon | XRPL Lending Protocol
- 1 Critical and 1 High from bug bounties (not counting this one)
Life was good. Then I found a Critical vulnerability in @injective.
This vulnerability allowed any user to directly drain any account on the chain. No special permissions needed. Over $500M in on-chain assets were at risk.
I reported it through Immunefi. The next day, a mainnet upgrade to fix the bug went to governance vote. The Injective team clearly understood the severity.
Then — silence. For 3 months. No follow up. No technical discussion. Nothing.
A few days ago, they notified me of their decision: $50K. The maximum payout for a Critical vulnerability in their bug bounty program is $500K. I disputed it. Silence again. No explanation for the reduced payout. No explanation for the 3 month ghost. No conversation at all. To be clear: the $50K has not been paid either.
I've seen others share bad experiences with bug bounty payouts recently. I never thought it would happen to me. I can't force them to do the right thing. But I won't let this be forgotten.
I will dedicate 10% of all my future bug bounty earnings to making sure this story stays visible — until Injective pays what I deserve.
Full Technical Report: github.com/injective-wall…

Hey #bugbounty hunters 👋
I am zack0x01 and my old account @zack0x01 got banned 🚫 by X
So this is my new account, follow me here for more #bugbountytip 😊
Thank you 🙏


Yay, I was awarded a $65,000 bounty on @StandoffBB! standoff365.com/en-US/profile/…
#TogetherWeHitHarder #BugBounty

@harmonyprotocol Are you reachable via security@harmony.one, or is there another preferred email address or platform (e.g., a bug bounty program page) for reporting security issues?

Validators and Delegators,
We have been notified of recent unusual and potentially malicious undelegation events. We ask all validators to communicate with their delegators.
For any unwanted undelegations, users should re-delegate as soon as possible before the tokens become unstaked, while we coordinate with validators on further mitigation efforts and explore options for users to transfer funds from impacted wallets to new wallets.
hamzab3t retweeted

The 20 best places to travel in 2026
1. Abu Dhabi 🇦🇪
2. Algeria 🇩🇿
3. Colchagua Valley, Chile 🇨🇱
4. Cook Islands 🇨🇰
5. Costa Rica 🇨🇷
6. Hebrides, Scotland 🏴
7. Ishikawa, Japan 🇯🇵
8. Komodo Islands, Indonesia 🇮🇩
9. Loreto, Baja California Sur, Mexico 🇲🇽
10. Montenegro 🇲🇪
11. Oregon Coast, US 🇺🇸
12. Oulu, Finland 🇫🇮
13. Philadelphia, US 🇺🇸
14. Phnom Penh, Cambodia 🇰🇭
15. Guimarães, Portugal 🇵🇹
16. Samburu, Kenya 🇰🇪
17. Santo Domingo, Dominican Republic 🇩🇴
18. The Slocan Valley, Canada 🇨🇦
19. Uluru, Australia 🇦🇺
20. Uruguay 🇺🇾
Source: BBC, alphabetical order

$1,500 bounty on @Hacker0x01!
The maximum severity for DOM XSS and Reflected XSS is Medium in their policy. But if @malekmesdour uses his magic, the bonus will come ;)
hackerone.com/eye_ #TogetherWeHitHarder
