League of Legends Bug Bounty Program will pay folks to find vulnerabilities

By Stephany Nunneley
22 November 2014 16:27 GMT

A League of Legends vulnerability on the game’s official website discovered by Jamieson O’Reilly, a player who happened to be a security researcher, has led Riot Games to implement a program which enlists the help of its player base.


Per a posting on the official Riot Games website, a new bounty program currently in closed beta will pay folks for finding game breaking bugs, exploits, and any type of vulnerability which can cause outsiders to hack into the system and start phishing players.

Currently open to a few security professionals, Riot has doled out $100,000 in rewards to those who have help squish over 75 different bugs, exploits, and other vulnerabilities.

“These professionals have helped us squish more than 75 bugs, vulnerabilities, and exploits, including client crash exploits, vision related exploits, and vulnerabilities that could potentially lead to player impersonation on forums,” said Riot.

“Before we can expand the program, we need to get aligned on a foundational workflow that allows our security team to efficiently handle every report from the field and turn them into bugs that development teams will own. The real measure of the bounty program’s effectiveness is if Riot can earn the trust of the security research community and if players feel like Riot is serious about improving security.

“Thanks to passionate security pros like Jamieson O’Reilly and others, we’re finding and fixing weak points in our nexus. We look forward to the day the entire community can join the hunt.”

Find bugs in the game you play and get paid? Not a bad deal at all.

Thanks, Massively.

Sometimes we include links to online retail stores. If you click on one and make a purchase we may receive a small commission. Read our policy.

VG247 logo

Buy our t-shirts, yeah

They're far more stylish than your average video game website tat.

VG247 merch