Bug bounty hunter bags $100,000 annually as hacker
A Duo For The Ages
25-year-old co-founder of a startup that has been heating it up over past few months called HackerOne says he has been breaking into computers since he was just 13 years old. Jobert Abma also says that he has been involved in a number of hacking scrapes and competition with his best friend and co-founder to the company, Michael Prins.
Abma grew up in the Netherlands and was friends with Prins from an early age. He allegedly gave his friend Prins an unusual gift (by normal people’s standard) for his graduation day. It was the username and password to a local TV station which was a regular news broadcaster of the school and any of the school related news. Abma recalls the TV station was not happy with the antics of the hacker.
Apparently teachers thought Prins, a year older than Abma was the culprit and not Abma, and they never told them who was to blame the situation. Luckily they can laugh it off now as Prins did 25 hours of community service washing windows. Abma laughs about it saying that’s what best friends are for.
At one time while the two were doing their hacking business and stuff, the Internet provider to Abma’s parents home was baffled with all the traffic that was going on and sent a letter to his parents saying, “We think there is a virus installed on your computer because there is all weird traffic coming from your systems,” to which his parents replied, “We don’t have a virus, we have a son.”
Their moment of truth came when Abma was in freshman year at their alma mater Hanze University of Applied Sciences in the Netherlands. In his freshman year, Abma and Prins started looking and trying to see how the school’s system was configured. They wanted to access the system which is responsible managing homework assignments and grades. They eventually managed to get into the system and found a way they could manipulate and get everyone’s grades.
Being good people the pair notified the software provider of the flaw in the system and they did not hear back in a long time. As a rule, most software companies prefer not to reply to each and every one of the people who call them saying they have found a bug.
Since there was no reply, they decided to report the matter to the university. The school then contacted the software vendor and that is when they acted and did something about it. The university was impressed and proud of the two that they decided to hire them for a wider and bigger open vulnerability test of the whole university.
Abma said the amount of money they got from the university contract was enough to pay off their college tuition and that the idea of going to a school and working for it at the same time was fascinating for him.
Hanze pleased with the pairs work published their research while the software company was displeased serving the two with a cease and desist letter.
The progress they made and all other factors included, their parents convinced them to start a company. And as with any startup customers were hard to come by, especially if it’s just two college kids.
The Next Step
As a way to get customers, they came up with challenges through which they told prospects that if they couldn’t manage to break into the company’s software in 60 minutes then they would buy the whole company. But if they did succeed with the hack, then the two would request a meeting to discuss things wrong with the system and ways to fix them.
The challenge was well received and soon they got contracts from the government, large banks, and insurance companies. He recalls the time as very exciting . Just 19 and 20 years old together with $10,000 a week salary was a huge amount of money for two college kids he says.
After achieving all this the pair thought of going to Silicon Valley and creating their own company there. Thus the birth of HackerOne, a company aimed to attract hacker, white hat hackers, who want to work and find bugs in other company systems and HackerOne gets a 20 percent commission.
These are the so-called bug bounty programs which are popular with many of the tech companies nowadays. HackerOne is efficient in that it provides the companies which want to hire hackers a screened pool of hackers who are safe to work with.