As one of the best secure anti-detection browsers for multi-account and multi-platform management, ensuring the privacy and security of our user data is a top priority for MoreLogin. We are thrilled to announce our latest initiative in this ongoing commitment: we have established a bug bounty program in collaboration with BugRap. This program is more than just a gesture; it reflects our serious commitment to maintaining the highest standards of security.
While MoreLogin tests our solutions and infrastructure every day, we know it's important to augment this testing by tapping the ethical hacker community to help identify edge-case vulnerabilities that may only be detectable under certain use cases and circumstances.
BugRap, a community of whitehats and security partners, provides comprehensive security support for various projects. By leveraging the expertise of thousands of white hat hackers and collaborating with top Web3 security firms like SlowMist and Numen Cyber, BugRap ensures that security issues are identified and resolved efficiently. Many projects have joined BugRap, including MerlinChain, the pioneer in the blockchain sector.
That is why MoreLogin has established the bug bounty program on BugRap’s platform. By working together, we can identify and address potential vulnerabilities before they can be exploited.
Bug bounty, in a nutshell, it’s a contemporary compliment to the traditional security testing we already have in place. This always-on crowdsourcing mechanism allows vulnerabilities to be reported to us, any time, by anyone (including you!). With a public bounty in place, we incentivize the public to pressure-test the security of our product with the unique expertise that only fresh eyes can bring. When they find us a new problem to fix, or risk to mitigate proactively, we recognize the work with payment!
You can read the bug bounty program rules in full on our BugRap page. Here’s a snapshot:
Rewards or recognition require that the MoreLogin security team can reproduce and verify an issue and that the security impact is clear.
Vulnerability testing is only limited to PoC(proof of concept), and destructive testing is strictly prohibited.
Do not leak the details of the vulnerability.
MoreLogin highly values each contribution, if we find your report to be valid, and you’re the first to report it, we’ll offer generous rewards for your time and effort in proportion to the severity of the issue you discover.
Severity |
Description |
Reward |
Critical |
Critical severity vulnerabilities will have a significant impact on the security of the project, and it is strongly recommended to fix the critical vulnerabilities. |
1,000 ~ 1,500 USDT |
High |
High severity vulnerabilities will affect the normal operation of the project. It is strongly recommended to fix high-risk vulnerabilities. |
150 ~ 1,000 USDT |
Medium |
Medium severity vulnerability will affect the operation of the project. It is recommended to fix medium-risk vulnerabilities. |
50 ~ 150 USDT |
Low |
Low severity vulnerabilities may affect the operation of the project in certain scenarios. It is suggested that the project team should evaluate and consider whether these vulnerabilities need to be fixed. |
0 ~ 50 USDT |
As a provider of products and services for users across the internet we understand security and privacy are instrumental in maintaining the trust placed in us. MoreLogin’s commitment to security is unwavering, and we welcome all whitehats and security partners to join our program in this endeavor, making our platform safer for everyone!