Flipkart Employee From Bangalore Gets Rs.10 Lakhs From Facebook For Reporting A Bug

0
2090
Who knew that  WHITE HAT HACKING could fetch you a lot of MONEY!
image source

Anand
Prakash, a Banglorean-based ethical hacker who just earned a whopping $15,000
from Facebook for reporting a bug. This could have put the users at risk. This
vulnerability would have made it possible for any hacker to open users’
accounts easily and without the slightest hint that their personal information
could be accessed.
The computer systems work on binary codes which are used for scripting
a password. The binary codes range from 0 to 9. So when a user notifies
Facebook about a lost password, a code is mailed to their email ID or texted to
their registered mobile number.The hacker uses these codes to crack the
password of an existing account. The technique which the hacker uses is probability
to get all the codes for a set of numbers. For Facebook, this set of numbers is
six digits. This takes around half-an-hour to 45 minutes.
Once the hacker gets all the possible codes, they start placing these on the
reset password page of the user using their username.
The bug Anand detected existed in the beta version of Facebook,
which  is a test version to see the
popularity of a website. The page Facebook.com has this bug fixed by putting a
limited number of attempts for a user to put in the codes. However, the beta
version of Facebook, which uses the same database as Facebook.com didn’t have
any upper limit on the number of attempts being. This provided a window for the
hacker, who could use different sets of code an unlimited number of times to
get into the account of a user.
He tested the bug on his own account and notified Facebook on Monday
evening., which could have jeopardised the privacy of its users. Facebook
solved the issue overnight and rewarded Anand with 10 lakhs.

image source
Says Anand,  “The current
bug that I detected with Facebook could have fetched me around Rs 50-60 lakh in
the black market, as this could have provided the hackers with personal
information of many FB users. But I am happy with the bounty.”
Anand is a White hat hacker, unlike a Black hat hacker who does not use
these bugs for personal gain. He discloses his findings to the company. So far,
he has detected 90 bugs for Facebook and also for many other sites like
Twitter, Google, RedHat, Dropbox, Adobe, eBay and PayPal. He has earned 1.4 crore till date by doing this.

Image result for banglore hacker awarded 10 lakhs for detecting bug in facebook
image source
Well, we’re so proud of you boy, for your high intelligence and for
showing such humility towards the welfare of so many users!

LEAVE A REPLY

Please enter your comment!
Please enter your name here