Protora Backdoor Challenge Offers $51,200 Bounty for Identifying Malicious Model
July 16, 2026
Seven SmolLM2-135M-Instruct checkpoints are hosted on HuggingFace, with six containing hidden backdoors that bypass standard scanners. A bounty doubles daily, reaching $51,200, for the user who identifies the specific model containing the exploit.
HOW THIS AFFECTS YOU
●
builderYou must verify model checksums against published SHA256 hashes before integration to mitigate supply chain risks.
●
policyThis demonstrates the inadequacy of current off-the-shelf scanners in detecting weight-level model poisoning.