Chennai techie finds a bug in Instagram, wins $30,000

Chennai-based security researcher Laxman Muthiyah has won $30,000 as a part of a bug bounty programme after he spotted a flaw in Facebook-owned photo-sharing app Instagram.

Mr. Muthiyah said the vulnerability allowed him to to “hack any Instagram account”.

He discovered it was possible to take over someone’s Instagram account by triggering a password reset, requesting a recovery code, or quickly trying out possible recovery codes against the account.

“I reported the vulnerability to the Facebook security team and they were unable to reproduce it initially due to lack of information in my report. After a few emails and proof of concept video, I could convince them the attack is feasible,” Mr. Muthiyah wrote in a blog post.

Facebook and Instagram security teams fixed the issue and rewarded him $30,000.

Mr. Muthiyah has earlier identified not only a data deletion flaw, but also a data disclosure bug on Facebook.

The first bug could have deleted a user’s photos and the second could have tricked a Facebook user into installing a mobile phone app that could go through all the user’s pictures.

Article source:


Best Wordpress Plugin development company in India     Best Web development company in India

Related posts

Soon, traffic lights will not hold up the 108 ambulance service

Times of News

Transperson elected to Loyola College students’ union

Times of News

MTC’s new fleet to accommodate disabled persons with wheelchairs

Times of News