SoylentNews

looorg [soylentnews.org] writes:

https://venturebeat.com/2022/06/27/lockbit-bug-bounty/ [venturebeat.com]

Lockbit 3.0 Ransomware bughunting for $$$
So the makers of ransomware are now offering bug-bounties to find bugs in their software and info to doxx them. Rewards ranging from $1k to millions.
Question is can you trust them to pay out if you find something? And if you find something wouldn't it be more appropriate to send them to jail with it?
Or if you are a crook wouldn't you use what you found against them? Isn't it also a security risk for them to share code for their malware ransomware with outsiders?

I guess the question is: if you found something would you (1) give it to them for the bounty (2) use it against them to steal their shit (3) turn it over to law enforcement?

Original Submission