Japan’s Largest Messaging App Launches Bug Bounty Hunt

Japan's Largest Messaging App Launches Bug Bounty Hunt

Ethical hackers from around the world have been invited to discover and fix vulnerabilities in Japan's largest messaging app. 

LINE Corporation today launched a public bug bounty program (BBP), offering hackers financial rewards for identifying glitches throughout LINE's web domains and core messenger application.

The program will run through HackerOne, which LINE has been using since July 2019 to run a private bug hunt in tandem with the company's own self-managed BBP. 

Since starting its permanent bug bounty program in June 2016, the company has received more than 1,000 reports and has paid over $300,000 in bounties through both self-run and HackerOne bug bounty initiatives.

From today, LINE will be transitioning its entire bug bounty ecosystem to the HackerOne platform. The hacker-powered platform has over 570,000 registered hackers. 

"We are thrilled to be moving to the HackerOne platform as it allows us to increase our visibility and thereby increase the amount of high-quality reports we receive as well," said Naohisa Ichihara, head of the cybersecurity department at LINE. "As being transparent about security issues is very important to us, we wanted a convenient way to disclose such information. Our original platform did not have an easy way of achieving this, so it was also a contributing factor in deciding to move to HackerOne."

Participation in the LINE bug bounty program is open and encouraged for all hackers worldwide. Bounty awards range from $500 to $30,000 for eligible valid vulnerabilities. Assets in scope include the main LINE application (for iOS, Android, Chrome, MacOS, and Windows) as well as the web domains https://store.line.me/, https://news.line.me/, https://music.line.me/, and https://live.line.me/

"With 164 million global monthly average users across their top four countries, LINE knows it’s imperative to protect user information around the clock," said Attley Ng, HackerOne’s VP, Asia Pacific (APAC). "By adding the largest community of ethical hackers in the world as an extension of their cybersecurity team, LINE enhances their global approach to security and improves the safety of their customers."

APAC continues to be one of the fastest-growing regions for hacker-powered security. According to HackerOne’s 2019 Hacker Powered Security Report, the number of hacker-powered security programs grew by 30% in the region year over year between 2018 and 2019. 

HackerOne opened its APAC headquarters in Singapore earlier this year, and now counts Ministry of Defence Singapore (MINDEF), GovTech Singapore, Xiaomi, Zomato, Toyota, Nintendo, Grab, and Alibaba among its customers.

Source: Information Security Magazine