Pornhub, initially thought of as place where people go to find kinks, is offering up to $25,000 to anyone who can uncover kinks of another kind: security-based ones.
The adult video site followed in the steps of some of the world's largest technology companies, such as Google, and launched a "bug bounty program" on Tuesday that invites hackers to breach the security on its website in order to find any flaws in the system in exchange for a monetary reward.
This bounty program is by no means new. It has been in a quite beta since last year, and during that time, around two dozen issues were identified and fixed.
"Like other major tech players have been doing as of late, we're tapping some of the most talented security researchers as a proactive and precautionary measure - in addition to our dedicated developer and security teams - to ensure not only the security of our site but that of our users, which is paramount to us," Pornhub Vice President Corey Price said. "The brand new program provides some of our developer-savvy fans a chance to earn some extra cash - upwards to $25K - and the opportunity to be included in helping to protect and enhance the site for our 60 million daily visitors."
Rewards range between $50 and $25,000 depending on the severity of the bug found, and in order to qualify, hackers will need to be the first to report the vulnerability, as well as send a clear description of the issue and how to reproduce the vulnerability, with images or proof of concept code. Probably most important of all among these requirements is that the vulnerability must be disclosed exclusively to Pornhub.
The adult entertainment site, whose program is being carried out through HackerOne, also outlined several additional rules online, such as forbidding people to carry out "denial of service" attacks, which basically overload a server and cause issues on the website, as well as physical attacks against offices and data centers. It also included a list of vulnerabilities that aren't eligible for rewards.
Pornhub's decision to make this program public is not surprising, as porn sites seem to get compromised quite often. For example, back in March, a hacker breached the Paper Street Media porn network, stealing the email addresses and passwords for thousands of users. In April, a hacker gained access to millions of user accounts at Naughty America, a company made up of about 46 individual porn sites, and put them up for sale.
Price noted that Pornhub itself faces cyberattacks from almost every region of the world. At least one of these attacks was quite successful, too, as back in September of last year, Pornhub unwittingly served malicious ads to visitors in a scheme known as malvertising.
Pornhub, like many other porn sites, have traditionally been at the forefront of innovation on the Internet through moves like video streaming and the adoption of VR, so with these sites facing continued attacks from hackers, its encouraging to see them placing a greater emphasis on security as well.