A surprising number of computer hackers earn over US$100,000 a year
But ‘good guy’ hackers are among those making a decent living through ‘bug bounty’ programmes

There’s no question that breaking into a computer and finding ways to get it to share its data or become a member of your zombie computer army is a valuable skill — a skill that can be used for good or evil.
We know that this skill pays well for those who use it for evil. It’s hard to track what the average high-end hacker earns, of course, but just one type of malicious hacking, ransomware, is said to be quite a lucrative business.
Ransomware is where a hacker finds a hole in your computer’s security and uses it to install software that locks your computer or its files, and will only unlock them once you pay a ransom. People reported to the FBI that they paid a total of US$24 million in such scams in 2015, and that number could be higher as it only counts those who reported the hack.
But it turns out, the good-guy hackers can also make a decent living by participating in what’s known as bug bounty programmes, according to new research from HackerOne, a start-up that orchestrates bug bounty programmes.
A bug bounty programme is when a company (or government agency or other organisation) invites hackers to break into its software and then pays them bounties for the bugs they find. The more serious the bug or vulnerability, the bigger the bounty.
Google earlier this week announced that it would pay US$200,000 to a hacker who finds the best bug in Android, as part of its new “Project Zero Prize.” Second prize is US$100,000 and third is US$50,000. That kind of cash isn’t typical though.
For instance, Microsoft will pay between US$500 and US$15,000 for qualified bugs found in its new Edge browser.