Thursday December 12, 2019
Home India Chennai-Based...

Chennai-Based Security Researcher Wins $30,000 after He Spotted Flaw in Instagram

He discovered it was possible to take over someone's Instagram account by triggering a password reset

0
//
Muthiyah said the vulnerability allowed him to to "hack any Instagram account without consent permission." Pixabay

Chennai-based security researcher Laxman Muthiyah has won $30,000 as a part of a bug bounty programme after he spotted a flaw in Facebook-owned photo-sharing app Instagram.

Muthiyah said the vulnerability allowed him to to “hack any Instagram account without consent permission.”

He discovered it was possible to take over someone’s Instagram account by triggering a password reset, requesting a recovery code, or quickly trying out possible recovery codes against the account.

“I reported the vulnerability to the Facebook security team and they were unable to reproduce it initially due to lack of information in my report. After a few email and proof of concept video, I could convince them the attack is feasible,” Muthiyah wrote in a blog post this week.

Chennai, Researcher, Instagram
Chennai-based security researcher Laxman Muthiyah has won $30,000 as a part of a bug bounty programme after he spotted a flaw in Facebook-owned photo-sharing app Instagram. Pixabay

Facebook and Instagram security teams fixed the issue and rewarded me $30,000 as a part of their bounty programme, he added.

Paul Ducklin, Senior Technologist at cyber security major Sophos, however, warned while the vulnerability found by Muthiyah no longer existed, users should familiarise themselves with the process of getting back control of their social media accounts, in case they get hacked.

“In case any of your accounts do get taken over, familiarise yourself with the process you’d follow to win them back. In particular, if there are documents or usage history that might help your case, get them ready before you get hacked, not afterwards,” Ducklin said in a statement.

Muthiyah earlier identified not only a data deletion flaw, but also a data disclosure bug on Facebook.

Also Read- As Federal Government Retreats from Dealing with Climate Change, Corporate America Moving Forward Anyway

The first bug could have zapped all your photos without knowing your password; the second meant tricking you to install an innocent-looking mobile app that could riffle through all your Facebook pictures without being given access to your account.

“To be clear: he found those holes in compliance with Facebook’s Bug Bounty programme, and he disclosed them responsibly to Facebook,” Ducklin said.

“As a result, Facebook was able to fix the problems before the bugs became public, and (as far as anyone knows) these bugs were patched before anyone else found them,” he remarked. (IANS)

Next Story

Instagram Helps Women to Overcome Miscarriage Distress: Study

The extent to which this loss affects women and their families, and the longevity of their grief is a blind spot for clinicians

0
Instagram
As far as we know, this is the first study to look at the intersection of Instagram and miscarriage. Pixabay

Despite its common occurrence, there is still a lot of stigma surrounding miscarriage and many women find that their emotional and psychological needs are unmet as they go through a devastating grieving process. But for some, Instagram has emerged as a tool to cope with such distress, a study says.

The study, published in the journal Obstetrics & Gynecology, found that the content posted by Instagram users included rich descriptions of the medical and physical experiences of miscarriage, and the emotional spectrum of having a miscarriage and coping with those emotions, the social aspect, and family identity.

“I find it endlessly fascinating that women are opening up to essentially strangers about things that they hadn’t even told their partners or families,” says Dr. Riley. “But this is how powerful this community is,” said Amy Henderson Riley, Assistant Professor at the Jefferson College of Population Health, Thomas Jefferson University, US.

The findings are based on a qualitative research study on 200 posts of text and pictures shared by Instagram users.

“What surprised me the most was how many women and their partners identified as parents after their miscarriage and how the miscarriage lasted into their family identity after a successful pregnancy,” said Rebecca Mercier, Assistant Professor at Thomas Jefferson University.

“The extent to which this loss affects women and their families, and the longevity of their grief is a blind spot for clinicians,” Mercier said.

These personal accounts also provided insight into patients’ perspectives of typically defined experiences.

For example, in the clinic, the typical definition of recurrent pregnancy loss is after three pregnancies. However, the researchers found that many patients who had had two or more miscarriages identified with having recurrent pregnancy loss.

Instagram
Despite its common occurrence, there is still a lot of stigma surrounding miscarriage and many women find that their emotional and psychological needs are unmet as they go through a devastating grieving process. But for some, Instagram has emerged as a tool to cope with such distress, a study says. Pixabay

“I’m hoping that this study will encourage clinicians to point patients to social media as a potential coping tool, as well as to approach this subject with bereaved and expecting parents with more respect and empathy,” Mercier said.

Social media is becoming a common avenue for patient testimonials. For example, the short video-sharing platform TikTok has recently become a home for some users to make videos sharing their personal health struggles.

ALSO READ:AI Can Better Help Doctors to Identify Cancer Cells in Human Body

“As far as we know, this is the first study to look at the intersection of Instagram and miscarriage,” Riley said.

“But this is a drop in the bucket. Social media platforms are evolving rapidly and a theoretically grounded research must follow,” she added. (IANS)