Rockstar Games teamed up with HackerOne a cybersecurity program in 2017. The aim was to target and fix security flaws in the immensely popular game GTA Online. This agreement is now updated so that security researchers and other people can report bugs as well as security flaws for both GTA Online and Red Dead Redemption 2 titles by Rockstar Games.
Rockstar Games Bug Bounty Program
The Bug Bounty program includes bugs that are major security flaws and can potentially leak user data rather than minor bugs and cheaters in GTA Online. For each valid security flaw that people find, they will be paid $150 by Rockstar Games to compensate for their time and effort.
The program has been quite effective as according to HackerOne. The bug bounty program has received over 55 reports in the past three months and all of them were valid reports.
Rockstar Games HackerOne Bug Bounty Program Rules
There are some restrictions/rules that the security researcher or individual reporting the security flaw must follow:-
- The user testing the bugs and security flaws may under no circumstances affect the experience of other users in any manner.
- You should be the first person to report a particular vulnerability to collect the bounty.
- You may not disclose the details of the vulnerability to anyone else except Rockstar Games before or after you submit the issue.
- You should not test any DoS (Denial of Service), Social Engineering attacks or any attack that includes you getting effective access to Rockstar Games’ property or servers.
- Any security flaw you may submit must be related to Rockstar Games owned property. Any fault associated with a third-party tool or gateway is out of scope.
Rockstar Games Ban Bounty
Also, Rockstar Games has claimed that they haven’t banned even one player incorrectly since the inception of GTA Online six years ago. They further explained that any user that was banned has cheated in some form or the other and any appeal against the bans couldn’t be claimed due to lack of evidence.
To further flaunt their anti-cheat system, they have offered $10,000 to any researcher who can prove that Rockstar Games has banned any account erroneously. They say that it is an effort to further improve their anti-cheat software. To claim the ban bounty, the researcher has to post a reproducible incorrect ban in GTA Online. If such a ban is found by the researcher, the banned test account will be restored and the bounty will be paid to whoever reports the incorrect ban.
You can find more details about the Bug Bounty and the Targeted Incorrect Ban Bounty programs here.