Just In
- 46 min ago HONOR Pad 9 With Bluetooth Keyboard Up For Grabs At Rs 22,499 in India
- 52 min ago Report: Apple’s Foldable iPhone May Get Cancelled
- 1 hr ago Deal Alert: Grab the Samsung Galaxy S23 Ultra for Under ₹90,000 on Flipkart – Here’s How
- 3 hrs ago OPPO F25 Pro New Coral Purple Colour Variant Launched in India; Where to Buy?
Don't Miss
- Finance EPF Account Online: Quick Steps To Update KYC Details Online
- Automobiles Marelli Develops Revolutionary Automotive Lighting Platform In China
- News Good Friday 2024: Date, History, Significance, And Everything You Need To Know
- Movies Is Parineeti Chopra Pregnant? Actress Reveals Truth Amid Constant Pregnancy Rumours
- Education RSMSSB Junior Instructor Recruitment 2024; Apply online for 2500 Posts, Check out for more details
- Sports IPL 2024: Steve Smith also slams Hardik Pandya's captaincy - 'Perplexed, I mean you can't have...'
- Lifestyle Aditi Rao Hydari Marries Siddharth, Exploring Heeramandi Star's Ethnic Style Statements, Bookmark Now!
- Travel Explore Tamil Nadu's Diverse Wedding Venues
Chennai Researcher Wins $10,000 For Finding Vulnerability In Instagram Again
Last month, it was reported that a Chennai-based researcher named Laxman Muthiyah received a reward of $30,000 (Rs. 21.6 lakhs) from Facebook for spotting a bug in Instagram. Now, on Monday he revealed that he has discovered a new vulnerability which will make it easier for hackers to get access of anyone's account. This time he won $10,000 which is approx Rs. 7.2 lakhs as a part of a bug bounty program.
Back in July, Muthiyah spotted a similar bug which allows anyone to get access to any Instagram account without any permission. However, no need to worry because Facebook developers have taken care of the bug and the image and video sharing app is now safe to use.
"Facebook and Instagram security team fixed the issue and rewarded me $10000 as a part of their bounty programme," Muthiyah said in a blog post.
In his research, Muthiyah found that the unique identifier used by the social media server to validate password reset codes, can also be used for requesting multiple passcodes for different users.
"You identified insufficient protections on a recovery endpoint, allowing an attacker to generate numerous valid nonces to ten attempt recovery," Facebook said in a letter to Muthiyah.
Last month, Muthiyah spotted a bug which allows hacked to get access to any Instagram account by triggering a password reset.
"I reported the vulnerability to the Facebook security team and they were unable to reproduce it initially due to lack of information in my report. After a few email and proof of concept video, I could convince them the attack is feasible," Muthiyah wrote in a blog post.
Under the bug bounty program Muthiyah has already won around Rs. 28.8 lakhs. Let's see what else he is going to discover next and how much will he earn from the bug bounty program.
-
99,999
-
1,29,999
-
69,999
-
41,999
-
64,999
-
99,999
-
29,999
-
63,999
-
39,999
-
1,56,900
-
1,39,900
-
1,29,900
-
79,900
-
65,900
-
12,999
-
96,949
-
16,499
-
38,999
-
49,999
-
30,700
-
23,990
-
1,25,999
-
36,999
-
38,999
-
1,17,840
-
35,000
-
23,960
-
82,510
-
11,999
-
25,999