In fact, Hansa launched the program after a bug that infected AlphaBay, the biggest active online black marketplace, allowed outsiders to read private messages on the site. Hansa's spokesperson told CyberScoop that they've received reports about "numerous non-critical and simple bugs" since the program launched on January 30th. Those are worth 0.05 to 1BTC or around $500 to $1,000. The biggest bounty worth 10k is reserved for "vulnerabilities that could severely disrupt HANSA's integrity."

However, Sarah Jamie Lewis, a privacy researcher who worked on Dark Web security tool OnionScan, doesn't believe bug bounty programs could help dark net websites much. She says they need to go much deeper if they want to solve their security problems: