Who knew that WHITE HAT HACKING could fetch you a lot of MONEY!
Anand Prakash, a Bangalore-based ethical hacker, just earned a whopping $15,000
from Facebook for reporting a bug that could have put users at risk. The
vulnerability would have made it possible for any hacker to open users'
accounts easily, without the slightest hint that their personal information
could be accessed.
The reset codes involved are numeric, with each digit ranging from 0 to 9. When
a user notifies Facebook about a lost password, a code is mailed to their email
ID or texted to their registered mobile number. The hacker uses these codes to
crack the password of an existing account. The technique relies on probability:
getting all the possible codes for a set of numbers. For Facebook, this set of
numbers is six digits. This takes around half an hour to 45 minutes.
Once the hacker has all the possible codes, they start entering them on the
reset password page of the user, using their username.
The bug Anand detected existed in the beta version of Facebook,
which is a test version to see the popularity of a website. The main site,
Facebook.com, has this bug fixed: it limits the number of attempts a user gets
to put in the codes. However, the beta version of Facebook, which uses the same
database as Facebook.com, didn't have any upper limit on the number of attempts
being made. This provided a window for the hacker, who could try different
codes an unlimited number of times to get into the account of a user.
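The gap described above comes from enforcing the attempt limit in one front-end while another front-end reaches the same reset codes. The following is an added example, not Facebook's code, of keeping the failure counter next to the code in the shared store so every front-end inherits the limit; `ResetCodeStore`, the two handler functions and the `MAX_ATTEMPTS` value are hypothetical.

```python
import hmac
import secrets

MAX_ATTEMPTS = 5  # assumed limit; the article does not give Facebook's value

class ResetCodeStore:
    """Stands in for the one database both front-ends share (hypothetical)."""

    def __init__(self):
        self._rows = {}  # account -> {"code": str, "failures": int}

    def issue(self, account):
        code = f"{secrets.randbelow(10**6):06d}"  # six digits, 000000-999999
        self._rows[account] = {"code": code, "failures": 0}
        return code

    def verify(self, account, guess):
        """Check a guess; the failure counter sits beside the code itself."""
        row = self._rows.get(account)
        if row is None:
            return False  # no live code: never issued, used, or locked out
        if hmac.compare_digest(row["code"], guess):
            del self._rows[account]  # codes are single use
            return True
        row["failures"] += 1
        if row["failures"] >= MAX_ATTEMPTS:
            del self._rows[account]  # invalidate; a new code must be requested
        return False

def main_site_reset(store, account, guess):
    # Hypothetical handler for the main site.
    return store.verify(account, guess)

def beta_site_reset(store, account, guess):
    # Hypothetical handler for the beta site: same store, same counter.
    return store.verify(account, guess)

def demo():
    store = ResetCodeStore()
    code = store.issue("alice")
    wrong = f"{(int(code) + 1) % 10**6:06d}"  # constructed wrong guess
    handlers = [main_site_reset, beta_site_reset]
    for i in range(MAX_ATTEMPTS):  # alternate front-ends; failures still add up
        handlers[i % 2](store, "alice", wrong)
    return beta_site_reset(store, "alice", code)  # right code, but locked out
```

With the counter in the shared layer, five wrong guesses split across both front-ends invalidate the code, so even the correct value is rejected afterwards.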
He tested the bug, which could have jeopardised the privacy of Facebook's
users, on his own account and notified Facebook on Monday evening. Facebook
solved the issue overnight and rewarded Anand with 10 lakhs.
Says Anand, "The current
bug that I detected with Facebook could have fetched me around Rs 50-60 lakh in
the black market, as this could have provided the hackers with personal
information of many FB users. But I am happy with the bounty."
Anand is a white hat hacker who, unlike a black hat hacker, does not use
these bugs for personal gain. He discloses his findings to the company. So far,
he has detected 90 bugs for Facebook and also for many other sites like
Twitter, Google, RedHat, Dropbox, Adobe, eBay and PayPal. He has earned 1.4 crore to date by doing this.
Well, we're so proud of you boy, for your high intelligence and for
showing such humility towards the welfare of so many users!