Normally, game developers take it upon themselves to find game bugs and glitches and finding specific fixes for each. However, it is not the case with Riot Games, developer of the popular online game "League of Legends".
According to Cinema Blend, Riot Games enlisted players to search and identify game bugs whenever they discover these. The game developer started the Bug Bounty program which allows LOL players to immediately provide information about existing problems. In return, Riot Games provided them with cash incentives.
The beta version of Bug Bounty began in April 2013, helping the company find more than 75 exploits, bugs and other game issues. Some of the problems they solved included stopping steamers from playing League of Legends and preventing gamers to dodge penalties among others. The program has since rewarded researchers over $100,000.
RiotGames.com wrote that when researchers find new and serious security issues, they can go to the HackerOne page to report their discovery, in exchange for cash and credits. The minimum bounty that can be earned is $100. Some players who reported issues were able to receive their bounty within a period of 24 hours only
Gamer Headlines reported that Riot Games also provided a set of guidelines on how gamers should conduct their tests and searches. Players are advised on the things that they are allowed to hack and matters that should not be hacked. It is important that they do not interfere or compromise other gamers in the process. Otherwise, they can get banned or be criminally sanctioned.
Currently, the program only allows designated researchers, based on the same report by Cinema Blend. Riot Games is still fixing the workflow so that their security team can manage reports and convert these into bugs owned by development teams. Riot Games acknowledged on RiotGames.com that every software linked to the internet cannot be fully secure and there are individuals who constantly test the system and infrastructure looking for weaknesses, either out of curiosity or for malicious purposes.
Riot stated on its website, "The real measure of the bounty program's effectiveness is if Riot can earn the trust of the security research community and if players feel like Riot is serious about improving security. We look forward to the day the entire community can join the hunt. In the meantime if you are aware of any critical security issues that we should be aware of, reach out to our security team at soc@riotgames.com."
- Contribute to this Story:
- Send us a tip
- Send us a photo or video
- Suggest a correction
