😲 New law on "white" hackers — from legalization to crime?

In Russia, amendments are being prepared that allegedly legalize the activities of "white" hackers😱 — but in reality, this could turn many vulnerability researchers into criminals🥂. The new version of the bill has already been agreed upon and will soon go to the State Duma.

🤬 What is changing:

• Vulnerability research will be considered an "enterprise" and allowed only through accredited platforms.

• Anyone searching for bugs — from bug bounty and pentests to enthusiasts — will have to undergo verification and work under the control of the FSB, FSTEC, and NCC.

• Found vulnerabilities must be reported to the government.

• A register of "white" hackers is planned — with publication on the law enforcement website.

• For non-compliance — a real risk of criminal prosecution (up to Article 274 of the Criminal Code and related norms): what was previously research may become an offense.

🕺 In summary: if you find a vulnerability — do not send it anonymously to the public, but report it to the law enforcement agencies. 😏