Ukraine hacker

Currently, Chris Evans, the CISO of bug bounty system HackerOne, apologized to Ukrainian hackers after erroneously blocking their bug bounty payouts next sanctions imposed on Russia and Belarus right after Ukraine’s invasion.

The bounty hunters were being informed of this in email messages notifying them that all transactions to HackerOne accounts from Ukraine, Russia, or Belarus have been paused.

“Owing to latest financial sanctions and export controls, if you are centered in Ukraine, Russia, or Belarus all communications and transactions (which include swag delivery) have been paused for the time staying,” an e-mail obtained by Ukrainian hackers from HackerOne examine.

The conclusion to freeze accounts for Ukrainians on the bug bounty platforms was also shared by HackerOne CEO Mårten Mickos via a now-deleted tweet expressing that the business would re-route all benefits to UNICEF for all hackers from sanctioned locations.

Mickos later on claimed he misspoke, adding that the bug bounty system in its place re-routes “hacker rewards to donations only on precise instruction by the hacker.”

On the other hand, following the unanimous outcry against the conclusion to freeze Ukrainian accounts, HackerOne backpedaled (or fastened their slip-up) and restored the hackers’ accounts, enabling them to withdraw their earnings yet again.

Now, HackerOne’s CISO Chris Evans apologized for HackerOne’s misguided conclusion pinning it on poor communication and the blocked payouts on backend troubles.

“On behalf of the HackerOne crew, I would like to apologize to the Ukrainian hacker local community for the aggravation and confusion that our weak interaction has induced. We have not (and will not) block lawful payments to Ukraine,” Evans claimed.

“There have been some wobbles in backend payment systems. Our teams are doing work really hard to decrease delays across all hacker payments. If you are in Ukraine and have any payment issues, I will personally aid you. DMs open.”

Evans also included that HackerOne will publish a routinely questioned queries (FAQ) webpage inside of 24 hrs to share much more information about what transpired.

“Thank you to the hacker local community for bringing these difficulties to gentle. We will fix our incorrect documentation, and I am reaching out to hackers separately. We often intention to be as clear as attainable, and will launch a FAQ in just 24 hours.”