Nintendo offers up $20,000 for 3DS exploits

Games giant Nintendo is offering rewards of up to $20,000 to those who can find, identify and report on security issues within its handheld 3DS range.

The Japanese outfit has set up its own Bug Bounty program on the HackerOne website, with the minimum bounty paid set at $100 but raising all the way to $20,000 for bigger exploits and vulnerabilities.

The company is looking specifically for combat piracy, cheating and save data modification and it’s more interesting in exploits using its 3DS hardware, software or Nintendo-published applications on the 3DS range.

If you’re thinking of having a crack, rewards will be paid out to the first to report an issue and only after Nintendo have fixed the issue.

"A report is evaluated to be high quality if you show that the vulnerability is exploitable by providing a proof of concept (functional exploit code is even better)," said Nintendo in its page on HackerOne. "If you don’t yet have a proof of concept, or functional exploit code, we still encourage you to report to us sooner rather than later."

"You can then submit a proof of concept or functional exploit code later (within three weeks of the initial report) and it will be considered to be a part of the report. The reward will be paid after the vulnerability has been fixed by Nintendo."