An Indian white hat hacker from Bengaluru was awarded Rs 1 million (approximately $15,000) after he found a bug in Facebook’s login system. Anand Prakash found a security issue that enabled hackers to access a user’s photos, message and debit and credit card details.
A security engineer with Indian e-commerce giant Flipkart, Prakash discovered that he could reset any Facebook account’s password by brute on beta.facebook.com and mbasic.beta.facebook.com.
He reported the issue to Facebook on Feb. 22 and got a response from the company on Mar. 2, awarding him a bounty for his work.
Prakash is a veteran participant in the bug bounty programmes run by technology giants like Facebook and Google, which encourage ethical hackers to identify vulnerabilities in their security. He has reported bugs to Twitter, Google, Blackberry, Adobe, Nokia, SoundCloud and PayPal.
His findings have helped him earn upwards of Rs 10 million (approximately $149,000) in awards. Last year, he earned the fourth position for reporting the highest number of bugs on Facebook internationally. He also holds the second global rank for discovering vulnerabilities on Twitter.
-mashable.