A "white hat" hacker in India ferreted out a flaw in Facebook code that could have been disastrously exploited. He reported it instead.
An Indian tech enthusiast found and reported a bug in Facebook that would have allowed a motivated hacker to delete anyone’s public photos posted to the social media site. That won him a $12,500 “bug bounty” from Facebook, according to a report by SC Magazine.
Laxman Muthiyah recently discovered a way around the code that was intended to prevent Facebook users from deleting photos in accounts other than their own. He tested it by setting up a dummy account. Once he verified the vulnerability, he promptly reported it to Facebook’s security team.
According to a post on Muthiyah’s blog, Facebook fixed the bug within two hours of his report and then notified Muthiyah that they would pay him a reward of $12,500 through its Bug Bounty program.
When he’s not busy uncovering major security vulnerabilities on Facebook, Muthiyah is a web developer at Behindwoods, an Indian entertainment site, Business Insider said.
Facebook said photos that were public were at risk, though photos saved in private albums were safe, BI reported.
Beyond the cash bounty, Muthiyah was looking forward to getting his name included on the Facebook Bug Bounty list of “white hat” hackers who have helped them make the massive social media network more secure.
As he wrote on his blog:
Soon i ll get my [name] listed for the year 2015 😀
HALL OF FAME
In a world of data theft, security threats and online tricks, it’s nice to know there are “white hats” like Muthiyah out there, too, fighting the good fight.
Have your social media accounts ever been hacked or have you feared that they would? Let us know in comments below or on, well, our Facebook page!
While on the subject of digital security, watch this video on what happens to your data after you die: