GameSpot may receive revenue from affiliate and advertising partnerships for sharing this content and from purchases through links.

Nintendo Offers Cash Bounties for 3DS Vulnerability Information

Watch out hackers, Nintendo's funding the crowd.

By on

16 Comments

Nintendo is offering rewards of USD$100 to USD$20,000 in return for detailed reports of vulnerabilities found in 3DS systems via HackerOne, a “vulnerability coordination and bug bounty platform” based in San Francisco.

“Nintendo is only interested in vulnerability information regarding the Nintendo 3DS™ family of systems and is not seeking vulnerability information regarding other Nintendo platforms, network service, or server-related information,” reads the company’s HackerOne page, in a desperate plea to please stay away from its other higher-risk systems.

Click To Unmute
  1. Minecraft – Kung Fu Panda DLC Trailer
  2. Sclash - Console Release Date Trailer
  3. Kingdom Come: Deliverance 2 - Official Cinematic Announcement Trailer
  4. Stellar Blade - BIBI ‘Eve’ Official Music Video Trailer | PS5
  5. Apex Legends: Urban Assault Collection Event Trailer
  6. Total War: WARHAMMER III - Elspeth von Draken Gameplay Showcase
  7. Potionomics: Masterwork Edition - Official Announcement Trailer
  8. Genshin Impact - "Arlecchino: Sleep in Peace" | Official Character Teaser
  9. Snowbreak: Containment Zone - "Gradient of Souls" Version Trailer
  10. Harold Halibut GameSpot Video Review
  11. Nancy Drew: Mystery of the Seven Keys | World Premiere Official Trailer
  12. Modern Warfare III & Warzone - Official Cheech & Chong Bundle Gameplay Trailer

Want us to remember this setting for all your devices?

Sign up or Sign in now!

Please use a html5 video capable browser to watch videos.
This video has an invalid file format.
00:00:00
Sorry, but you can't access this content!
Please enter your date of birth to view this video

By clicking 'enter', you agree to GameSpot's
Terms of Use and Privacy Policy

Now Playing: The Legend of Zelda: Breath of the Wild Gameplay Presentation - The Game Awards 2016

No Caption Provided

The practice of offering rewards for discovered vulnerabilities isn’t a new one. The first company credited with the idea was Netscape, which developed its program thanks to the efforts of technical support engineer Jarret Ridlinghafer. Many other companies have jumped at the idea, in the hope of turning potential attackers into collaborators, by incentivizing their efforts with cash rewards. Reading just from the HackerOne clients list, companies such as AirBNB, Amazon Web Services, Starbucks, Yelp, Uber, GitHub, Slack, Twitter, Dropbox, and many others offer various rewards to those that identify at-risk systems.

Nintendo is focusing potential hackers on the prevention of piracy, cheating, and the dissemination of inappropriate content to children. Under the Piracy heading, Nintendo also lists “copied game application execution,” which does put the unlicensed homebrew 3DS games community squarely in the crosshairs. The company has a history of this, with various exploits and hacks being patched out in firmware updates, and lawsuits launched at game copying devices such as the R4 card.

No Caption Provided

Rewards will be paid to the first reporter of a qualifying vulnerability, with the bounty amount being at Nintendo’s discretion. “The reward amount depends on the importance of the information and the quality of the report,” reads Nintendo’s HackerOne policy. “In general, the importance of the information is higher if the vulnerability is severe, easy-to-exploit, etc.”

It should be obvious, but any submitted vulnerability information, whether it is deemed worthy of a reward or not, will become the sole property of Nintendo. Even hackers need to read the fine print.

Submit vulnerability reports over at HackerOne.

Got a news tip or want to contact us directly? Email news@gamespot.com

Nintendo
3DS
Join the conversation
There are 16 comments about this story
Load Comments (16)