Hackers earned a record $40m (£28m) in 2020 for reporting software flaws via a leading bug bounty reporting service.
HackerOne said nine hackers made more than $1m each after it flagged their findings to affected organisations.One Romanian man, who only started bug-hunting two years ago, saw his total earnings to date top $2m. The UK's top-earning hacker made $370,000 last year.
The platform suggested the pandemic had given the volunteers more time to pursue the endeavour.
A survey HackerOne commissioned indicated that 38% of participants had spent more time hacking since the Covid-19 outbreak began.
Many of those involved work part-time and are based in dozens of different countries including the US, Argentina, China, India, Nigeria and Egypt.