Lol, guys, "hacker" doesn't mean someone is a criminal.
I have found and reported security vulnerabilities on plenty of bitcoin sites (bitcointalk, poloniex, primedice, betking, bitsler, crypto-games, bitdice, nitrogen and many more.) I normally only work on a bug bounty basis (pay per bug found based on potential damage, nothing found is no payment.) Obviously I will only test the site if you are the owner. You can PM me details if you want me to have a look.
No.Don't trust any wannabe hackers here.Neither I've heard of a hacker in this forum who actually knows shit.Ignore all the inbox messages you will get.All wannabe kids.
Well.. I do have a fancy hacker emblem under my name *brag brag*
But they say more than 90% of the bug reports on a public bug bounty program are wrong/fake/no-context/etc. - so I agree with the sentiment of "many wannabes out there"