Monero staff has stated in the same HackerOne report that even though the bug was plagiarized, that they are unable to withdraw the already-paid sum of money.<p>"NB: this disclosure was stolen (!!) from Guido Vranken's original disclosure without any credit given to him. We missed that this was ripped straight from there as our focus was on reproducing the issue and fixing it. This is beyond scummy. Please don't do this. We've reached out to Guido to pay him a bounty; sadly we can't redact the bounty from Everton Melo."