Thursday, March 4, 2021
Chennai-Based Security Researcher Wins $30,000 after He Spotted Flaw in Instagram

He discovered it was possible to take over someone's Instagram account by triggering a password reset

Chennai-based security researcher Laxman Muthiyah has won $30,000 as a part of a bug bounty programme after he spotted a flaw in Facebook-owned photo-sharing app Instagram.

Muthiyah said the vulnerability allowed him to “hack any Instagram account without consent permission.”

He discovered it was possible to take over someone’s Instagram account by triggering a password reset, requesting a recovery code, or quickly trying out possible recovery codes against the account.

“I reported the vulnerability to the Facebook security team and they were unable to reproduce it initially due to lack of information in my report. After a few emails and a proof of concept video, I could convince them the attack is feasible,” Muthiyah wrote in a blog post this week.

“Facebook and Instagram security teams fixed the issue and rewarded me $30,000 as a part of their bounty programme,” he added.

Paul Ducklin, Senior Technologist at cyber security major Sophos, however, warned that while the vulnerability found by Muthiyah no longer exists, users should familiarise themselves with the process of getting back control of their social media accounts in case they get hacked.

“In case any of your accounts do get taken over, familiarise yourself with the process you’d follow to win them back. In particular, if there are documents or usage history that might help your case, get them ready before you get hacked, not afterwards,” Ducklin said in a statement.

Muthiyah earlier identified not only a data deletion flaw, but also a data disclosure bug on Facebook.

The first bug could have let someone zap all your photos without knowing your password; the second meant tricking you into installing an innocent-looking mobile app that could riffle through all your Facebook pictures without being given access to your account.

“To be clear: he found those holes in compliance with Facebook’s Bug Bounty programme, and he disclosed them responsibly to Facebook,” Ducklin said.

“As a result, Facebook was able to fix the problems before the bugs became public, and (as far as anyone knows) these bugs were patched before anyone else found them,” he remarked. (IANS)
