Pages:
Author

Topic: Lack of bug bounties from gambling platforms - page 2. (Read 786 times)

full member
Activity: 2086
Merit: 193
Why aren't gambling websites using bug bounties to test-run their platform security? I haven't seen any gambling platform doing this, maybe that's why most gambling websites became prone to hacking? If I am wrong what gambling project do you think have the most secured system?, peace.
Maybe because they hired someone to the penetration teating and have someone tested the site? I joined fortune jack bug campaign before and It's pretty fun because you will explore all of the function of the website and try to find bug from it. I'ved tried bug bounty once and I personally like it because it's fun and you can gain knowledge from the experience.
Hiring someone to monitor the site from time to time are more ideal if you are planning to stay longer, top sites have the team handling this one so maybe this is one of the reason why bug bounties are no longer active. I remember that fortune jack, and the usual bug are the graphic bug, or at least a missing letter which can easily only if you have the professional team. Bug bounties might not be effective that much, that’s why new site today choose not to have this.
hero member
Activity: 2730
Merit: 632
I said it would be not all people would really be doing that specially if he had able to make out money easily with those kind of exploits which he might able to make more money rather than on telling the team.
Thats if he could make out some withdrawal successfuly but most of the case whenever there are some unusual or shady activity, then the platform or site itself wont really be that dumb
on not to notice a players activity which it mind still end up on getting those funds to be locked up.Some doesnt really like on having those kind of advantage which ethically speaking,
which it is really indeed illegal and we dont really like to get ourselves involved on this type of stealing.
I think that's one of the reason why casinos didn't start bug bounties after quite some time because of some people won't report the bug that a person found that want to exploit. I am sure that there are other reason which is that they already have found or hired a person to work for their casino which the job is to find bugs and find way to fix it and the casino doesn't have to reward every bug found since it is now a job for one or more than one person to find bugs.
Unless if you do really like to flex out the security of your own site as an owner which you do run off some bounty publicly and prove out that no one could ever bypass their security.
Its true that why would really be needing to make some expense on running a bounty if you could just simply hire someone on enhancing your security and that would really be
charged in one go rather than on making some expense on running a bounty and this is why we cant really see someone who do really run this type of bounties
as of todays.There's no such thing about perfect security but there are experts who can really be hired in regarding on this manner.
legendary
Activity: 1708
Merit: 1280
Top Crypto Casino
I said it would be not all people would really be doing that specially if he had able to make out money easily with those kind of exploits which he might able to make more money rather than on telling the team.
Thats if he could make out some withdrawal successfuly but most of the case whenever there are some unusual or shady activity, then the platform or site itself wont really be that dumb
on not to notice a players activity which it mind still end up on getting those funds to be locked up.Some doesnt really like on having those kind of advantage which ethically speaking,
which it is really indeed illegal and we dont really like to get ourselves involved on this type of stealing.
I think that's one of the reason why casinos didn't start bug bounties after quite some time because of some people won't report the bug that a person found that want to exploit. I am sure that there are other reason which is that they already have found or hired a person to work for their casino which the job is to find bugs and find way to fix it and the casino doesn't have to reward every bug found since it is now a job for one or more than one person to find bugs.

That's one of the main reason too there's a chance they will not report the bug for the gambling casino instead they use this to make an abuse with the system and got a tons of profit and for the gambling casino too it's hard to trust if just only a normal people who make a penetration testing unlike hiring a bug bounty hunter with a contract there's a higher chance to get the system more efficient.

Still some of the platforms offering an open bug bounty to the community for their improvements and this will be well documented.
hero member
Activity: 2268
Merit: 669
Bitcoin Casino Est. 2013
I said it would be not all people would really be doing that specially if he had able to make out money easily with those kind of exploits which he might able to make more money rather than on telling the team.
Thats if he could make out some withdrawal successfuly but most of the case whenever there are some unusual or shady activity, then the platform or site itself wont really be that dumb
on not to notice a players activity which it mind still end up on getting those funds to be locked up.Some doesnt really like on having those kind of advantage which ethically speaking,
which it is really indeed illegal and we dont really like to get ourselves involved on this type of stealing.
I think that's one of the reason why casinos didn't start bug bounties after quite some time because of some people won't report the bug that a person found that want to exploit. I am sure that there are other reason which is that they already have found or hired a person to work for their casino which the job is to find bugs and find way to fix it and the casino doesn't have to reward every bug found since it is now a job for one or more than one person to find bugs.
hero member
Activity: 2730
Merit: 632
Depending on the individual motive and profession and as a software developer one can be invited for such bug bounty by the team and if the casino find is worthy the developer will walk away with the negotiated payment, both again we must know some fact about software it is that there is always a back door and the one with the code control everything. So the reason why we have so many casinos abuse is because of all this set backs.
 
There are two possibilities for this, the first one is that there is in fact bug bounties in some of the casinos but those are not public and you need to be invited directly by the ones in charge of the code and the security of the casino in question, the second possibility is that as you state some casinos do not care about this and they are not testing the security of their website as well as they should, however if you find a vulnerability you may report it and try to negotiate a fee for your efforts in finding that bug and other bugs you may find in the future.
Exactly, because every casino will increase the security of access from hackers so the 2 possibilities you mentioned are how the casino accepts developer services for privacy and security factors. Usually there is a special page for the bug bounty campaign so that anyone who finds a bug can submit it on the form provided, then if the bug report is valid and includes a high level of security will be paid high by the casino platform.
Depends on a certain person because there are individuals who do able to find those bugs will surely be exploiting and abusing it rather than on making out some report or ticket on telling the team.
There are even platforms who doesnt really give out any bounties or reward for some possible crucial finds that really affects or do pertains about security.
But knowing with those popular platforms which someone do find out some bugs and they havent paid out and then that someone do make out some complaints and posting into this forum
then for sure they would really be getting that sympathy since it is really just worth on getting a bounty or reward for that.
Am sure if a player on a gambling site discovers any bug and reports such to the support he will receive a good reward for doing that.
I said it would be not all people would really be doing that specially if he had able to make out money easily with those kind of exploits which he might able to make more money rather than on telling the team.
Thats if he could make out some withdrawal successfuly but most of the case whenever there are some unusual or shady activity, then the platform or site itself wont really be that dumb
on not to notice a players activity which it mind still end up on getting those funds to be locked up.Some doesnt really like on having those kind of advantage which ethically speaking,
which it is really indeed illegal and we dont really like to get ourselves involved on this type of stealing.
hero member
Activity: 1456
Merit: 940
🇺🇦 Glory to Ukraine!
Why aren't gambling websites using bug bounties to test-run their platform security? I haven't seen any gambling platform doing this, maybe that's why most gambling websites became prone to hacking?

the site owner certainly has a reliable team to handle the security system, even the programming has been designed in great detail before the site is published so it will not involve many people.  maybe that's one of the reasons why gambling platforms don't provide bug bounty services because they are quite vulnerable and of course there are certain communities or organizations that are able to test them themselves
The owner will not run their platform without assuring that their site is secure. They surely have enough funds allocated to maintain the security of their site because that's how businessmen protect their businesses.
We might not see or notice it but they are doing it as a part of the maintenance system and they don't need to broadcast it.

I think that it depends and that it is not the same for every online casino. Some online casinos have a good security measures in place to protect the platform and their players from hacking and theft, but it is also true that there are also those who are not that secure. For example, it is common knowledge that some online casinos do not have a good reputation and they don't care about their customers. So it is entirely possible that these types of online casinos are insecure, and their protection system is not strong enough to keep the data safe from hackers. Because of this, it is a good idea to be extra cautious and make sure that any business, especially those that involve money in their transactions, is safe and secure. The online casinos are not perfect and they have weaknesses that can be exploited by hackers, scammers and other criminals. The only way to get the most secure platform is to choose a casino that uses software from reputable providers. These companies have huge experience and long term relationships with the big-name casinos, so they can be trusted to deliver the best possible service to customers .
hero member
Activity: 1022
Merit: 667
Top Crypto Casino
Maybe the casino owners are hiring full-stack developers who test their code as well develop it.
Maybe they would have hired Quality Engineers to test the complete site for UI and UX.
The reason might be anything. Besides that, if someone is good at bug bounty they can find bugs from any site and just report it to the owner.
If the site owner would be generous enough then they would reward that person anyway.
As time evolves and new developments to meet up with present security demands are constantly contended against, most casinos already have highly placed security teams that work on updating and developing new anti-bug software that will help against any bug attack and leakage. Quite a lot of other casinos that have fallen victim to bug attacks suffered badly at the hand of abusers who took advantage of such bugs to abuse the system, but now most casinos are proactive against bugs and other security challenges.
full member
Activity: 1708
Merit: 126
Why aren't gambling websites using bug bounties to test-run their platform security? I haven't seen any gambling platform doing this, maybe that's why most gambling websites became prone to hacking?

the site owner certainly has a reliable team to handle the security system, even the programming has been designed in great detail before the site is published so it will not involve many people.  maybe that's one of the reasons why gambling platforms don't provide bug bounty services because they are quite vulnerable and of course there are certain communities or organizations that are able to test them themselves
The owner will not run their platform without assuring that their site is secure. They surely have enough funds allocated to maintain the security of their site because that's how businessmen protect their businesses.
We might not see or notice it but they are doing it as a part of the maintenance system and they don't need to broadcast it.
legendary
Activity: 2492
Merit: 1145
Enterapp Pre-Sale Live - bit.ly/3UrMCWI
Why aren't gambling websites using bug bounties to test-run their platform security? I haven't seen any gambling platform doing this, maybe that's why most gambling websites became prone to hacking? If I am wrong what gambling project do you think have the most secured system?, peace.
Maybe because they hired someone to the penetration teating and have someone tested the site? I joined fortune jack bug campaign before and It's pretty fun because you will explore all of the function of the website and try to find bug from it. I'ved tried bug bounty once and I personally like it because it's fun and you can gain knowledge from the experience.
hero member
Activity: 2954
Merit: 796
May be the casino owners are hiring full stack developers who test their code as well develop it.
May be they would have hired Quality Engineers to test the complete site for UI and UX.
Reason might be anything. Besides that, if someone is really good at bug bounty they can find bugs from any site and just report it to the owner.
If the site owner would be generous enough then they would reward that person anyway.

This is always the case right now. Casino has there own employee to oversee the security of the casino due to the huge amount of money involved nowadays in the casino. They are now investing on security compared before that they do it by themselves with the help of this bug bounty hunter. I remember that some abused this before by attacking the casino and reported it as bug to claim rewards.

Nowadays those critical bug is already solved since most the games are now coming from 3rd party which has license and audit properly.
hero member
Activity: 1498
Merit: 547
Top Crypto Casino
Nowadays every casino is trying their best to ensure the security of their site. However, the developers of that site know what is the level of security is required or where there are weaknesses. I think everyone who owns a prominent site should prioritize security first or else their everything could be vulnerable to hacking at any time. But this security issue is very secure. for this reason no one outside can know about it. The better sites have a dedicated security team that works on security all the time of their site.
Most of the casino start-ups as well as the already running casino already has great security measures added on their platform to avoid any issue on potential loss or hacking issue. It's very rare to hear if there are any gambling platform that have been hacked for the past years. However, loopholes and minor bugs are pretty common on most gambling platform where users usually abuse but once the casino noticed it, it usually gets fixed swiftly.
hero member
Activity: 2702
Merit: 716
Nothing lasts forever
May be the casino owners are hiring full stack developers who test their code as well develop it.
May be they would have hired Quality Engineers to test the complete site for UI and UX.
Reason might be anything. Besides that, if someone is really good at bug bounty they can find bugs from any site and just report it to the owner.
If the site owner would be generous enough then they would reward that person anyway.
hero member
Activity: 2128
Merit: 655
Leading Crypto Sports Betting & Casino Platform
Nowadays every casino is trying their best to ensure the security of their site. However, the developers of that site know what is the level of security is required or where there are weaknesses. I think everyone who owns a prominent site should prioritize security first or else their everything could be vulnerable to hacking at any time. But this security issue is very secure. for this reason no one outside can know about it. The better sites have a dedicated security team that works on security all the time of their site.
sr. member
Activity: 2828
Merit: 357
Eloncoin.org - Mars, here we come!
Why aren't gambling websites using bug bounties to test-run their platform security? I haven't seen any gambling platform doing this, maybe that's why most gambling websites became prone to hacking? If I am wrong what gambling project do you think have the most secured system?, peace.
some of them may consider this as a threat to their security as some might not report the Bug at all and will use against them in time .

But there is a site I remember years back that had this Bug bounty , and I think  it ended well as now they formally relaunch  their Signature campaign with confidence .

So maybe the Bug bounty had helped them out for many reason and now they are enjoying the outcome of that said Bounty.

^But, why this is very rare now, what I mean is why most casinos did not run a bug bounty campaign.
I know it will add their cost but I think this is a proper way to know publicly the bug and their developer can quickly resolve it.
I think the best way in a new gambling casino is while having a signature campaign they also conduct a bug bounty campaign so that it will give boost to their improvement and progress.
One thing is for sure, we don't know what each of the casinos reason why they don't do that anymore. Possible that they already have their own providers for that task and that's why it's no longer needed.

If we don't see it most often then it only means that it's not needed anymore because they've got something that's doing it for them. As it is becoming rare, someone may want to ask that directly from them.
or maybe they have found a way to find Bug , or something offering directly so there is not need for Bounty inside the forum.
sr. member
Activity: 1792
Merit: 264
Why aren't gambling websites using bug bounties to test-run their platform security? I haven't seen any gambling platform doing this, maybe that's why most gambling websites became prone to hacking?

the site owner certainly has a reliable team to handle the security system, even the programming has been designed in great detail before the site is published so it will not involve many people.  maybe that's one of the reasons why gambling platforms don't provide bug bounty services because they are quite vulnerable and of course there are certain communities or organizations that are able to test them themselves
legendary
Activity: 2604
Merit: 1504
Why aren't gambling websites using bug bounties to test-run their platform security? I haven't seen any gambling platform doing this, maybe that's why most gambling websites became prone to hacking? If I am wrong what gambling project do you think have the most secured system?, peace.

If you read TaC online casinos, you will notice that many of them use third-party software solutions to ensure security, whose names are not disclosed, obviously they fully trust them and interact with them. In addition, as already mentioned here, the reward for detecting security failures was announced by Fortune Jack, Bitcasino, Cakebet online casinos or, for example, Betcoin casino conducted the Dice Bug Bounty program, You can also see the passing bug bounties on the website https://www.bugcrowd.com/bug-bounty-list/
full member
Activity: 1834
Merit: 166
Casinos should be bug-free and hacker-proof for them to gain the trust of the gambling community, there are casinos with their own created script because many casinos now are on the Whitelabel run platform, it's more cost-effective, easy to manage, and the burden is on the Whitelabel company they are the one who handles everything, that is why we seldom read of casino getting hacked it's not because hackers can't hack their system but they have experts developers to look for a patch 24/7 because that's their business, protecting their platform.
They make the debugging test before implementing them on site but you see with some minor vulnerabilities hackers can attack the site like the DDOS attack or draining out funds from wallets but they need to keep monitoring these issues with expert team with them.We can't say that this site is Full secure as we see with new updates there could be security risk or something like that.But they need to handle it as soon they find out about it.
legendary
Activity: 3066
Merit: 1312
Why aren't gambling websites using bug bounties to test-run their platform security? I haven't seen any gambling platform doing this, maybe that's why most gambling websites became prone to hacking?

Are you a bug hunter so it makes you ask about such unusual question in this gambling board? Or is it because you care enough with the situation where gambling websites get hacked? I cant get the exact information on how many gambling sites are hacked, just wondering why you can say "most" while it is rare to see gambling sites are hacked in this crypto industry.

If I am wrong what gambling project do you think have the most secured system?, peace.

I have no idea to be honest since it is not my thing, but I believe most reputable crypto casinos do their best for their security system because they are aware about the chance to be hacked so they should have done all the best to minimize hacking attempt by hacker.
hero member
Activity: 2072
Merit: 656
royalstarscasino.com
The security of a system will not be exactly 100% secure. I believe that actually sometimes there are still gaps in various platforms. However, they may have their own special team that frequently checks or evaluates their program.
But I agree that there is nothing wrong with a gambling platform doing bug bounties. Because wouldn't this help them more to deal with the worst possible scenarios on their platform, right? Moreover, the bug bounty also provides several benefits to strengthen and improve their system.

I've been browsing and found that there are several gambling platforms that do it, but I don't understand whether they are really legit or not.
Maybe you can analyze them more.
MPL
BingX
Immunefi
copper member
Activity: 2968
Merit: 575
www.Crypto.Games: Multiple coins, multiple games
Why aren't gambling websites using bug bounties to test-run their platform security? I haven't seen any gambling platform doing this, maybe that's why most gambling websites became prone to hacking? If I am wrong what gambling project do you think have the most secured system?, peace.
Very rarely heard that any casinos were prone to hacking. And I am sure most casinos have bug bounties. They do pay users for finding bugs. The more serious the bug is, the higher they are willing to pay. You have to let them know how the bug can be replicated before they pay you or there would be many fake claims to try and scam the casino and trust me, it happens a lot!
Pages:
Jump to: