Friday August 23, 2019
Home India Chennai-Based...

Chennai-Based Security Researcher Wins $30,000 after He Spotted Flaw in Instagram

He discovered it was possible to take over someone's Instagram account by triggering a password reset

0
//
Muthiyah said the vulnerability allowed him to to "hack any Instagram account without consent permission." Pixabay

Chennai-based security researcher Laxman Muthiyah has won $30,000 as a part of a bug bounty programme after he spotted a flaw in Facebook-owned photo-sharing app Instagram.

Muthiyah said the vulnerability allowed him to to “hack any Instagram account without consent permission.”

He discovered it was possible to take over someone’s Instagram account by triggering a password reset, requesting a recovery code, or quickly trying out possible recovery codes against the account.

“I reported the vulnerability to the Facebook security team and they were unable to reproduce it initially due to lack of information in my report. After a few email and proof of concept video, I could convince them the attack is feasible,” Muthiyah wrote in a blog post this week.

Chennai, Researcher, Instagram
Chennai-based security researcher Laxman Muthiyah has won $30,000 as a part of a bug bounty programme after he spotted a flaw in Facebook-owned photo-sharing app Instagram. Pixabay

Facebook and Instagram security teams fixed the issue and rewarded me $30,000 as a part of their bounty programme, he added.

Paul Ducklin, Senior Technologist at cyber security major Sophos, however, warned while the vulnerability found by Muthiyah no longer existed, users should familiarise themselves with the process of getting back control of their social media accounts, in case they get hacked.

“In case any of your accounts do get taken over, familiarise yourself with the process you’d follow to win them back. In particular, if there are documents or usage history that might help your case, get them ready before you get hacked, not afterwards,” Ducklin said in a statement.

Muthiyah earlier identified not only a data deletion flaw, but also a data disclosure bug on Facebook.

Also Read- As Federal Government Retreats from Dealing with Climate Change, Corporate America Moving Forward Anyway

The first bug could have zapped all your photos without knowing your password; the second meant tricking you to install an innocent-looking mobile app that could riffle through all your Facebook pictures without being given access to your account.

“To be clear: he found those holes in compliance with Facebook’s Bug Bounty programme, and he disclosed them responsibly to Facebook,” Ducklin said.

“As a result, Facebook was able to fix the problems before the bugs became public, and (as far as anyone knows) these bugs were patched before anyone else found them,” he remarked. (IANS)

Next Story

Posting Selfies Seen as People Being Insecure & Less Likeable

According to some researchers, people who post selfies are seen as insecure and less likeable by others

0
selfies
Individuals who post a lot of selfies are almost uniformly viewed as less likeable, less successful, more insecure and less open to new experiences than individuals who share a greater number of posed photos taken by someone else. Pixabay

Even though selfies are popular, researchers say that those who post selfies are viewed as less likeable, less successful and more insecure. Published in the Journal of Research in Personality, the scientists conducted a novel experiment with hundreds of actual Instagram users to determine if there are certain types of self-image posts that cause others to make snap judgements about the user’s personality.

Their work shows that individuals who post a lot of selfies are almost uniformly viewed as less likeable, less successful, more insecure and less open to new experiences than individuals who share a greater number of posed photos taken by someone else.

“Even when two feeds had similar content, such as depictions of achievement or travel, feelings about the person who posted selfies were negative and feelings about the person who posted posies were positive,” said study lead author Chris Barry, professor at Washington State University.

“It shows there are certain visual cues, independent of context, that elicit either a positive or negative response on social media,” Barry said.

For the study, the research team analysed data from two groups of students. The first group, consisting of 30 undergraduates, were asked to complete a personality questionnaire and agreed to let the researchers use their 30 most recent Instagram posts for the experiment.

selfies
For the study, the research team analysed data from two groups of students. Pixabay

The second group of students consisted of 119 undergraduates. This group was asked to rate the Instagram profiles of the first group on 13 attributes such as self-absorption, low self-esteem, extraversion and success, using only the images from those profiles.

The research team then analysed the data to determine if there were visual cues in the first group of students’ photos that elicited consistent personality ratings from the second group.

Also Read: Top Deferred MBA Programs

It was also found that the students who posted more posies were viewed as being relatively higher in self-esteem, more adventurous, less lonely, more outgoing, more dependable, more successful and having the potential for being a good friend, while the reverse was true for students with a greater number of selfies on their feed.

Personality ratings for selfies with a physical appearance theme, such as flexing in the mirror, were particularly negative, the researchers found. (IANS)