Indian Bug Hunter Won Rs 20 Lakh After Discovering Instagram Flaw

Harin - Jul 19, 2019


Indian Bug Hunter Won Rs 20 Lakh After Discovering Instagram Flaw

Chennai-based security researcher Laxman Muthiyah has won Rs 20 Lakh from a bug bounty program following his discovery of a flaw in the Instagram app.

Laxman Muthiyah, a security researcher from Chennai has won $30,000 which is equivalent to Rs 20 Lakh from a bug bounty program following his discovery of a flaw in the Instagram app. According to Muthiyah, with the vulnerability that he found, he could “hack any Instagram account without consent permission."

Security-Researcher-Laxman-Muthiyah
Laxman Muthiyah, a security researcher from Chennai.

By prompting a password reset then requesting for a recovery code, it was possible to hack into someone’s Instagram account and take over. The hacking could also be done by trying out every possible recovery code.

In a blog post, Muthiyah wrote:

Quote

He added that the issue was later fixed by the security teams from Facebook and Instagram and he received $30,000 for his finding.

Senior technologist Paul Ducklin from Sophos-a cybersecurity major warned that although the security teams got rid of the vulnerability, users should familiarize themselves with how to take back their social media accounts if they get hacked.

Facebook-Instagram-Flaw
The issue was later fixed by the security teams from Facebook and Instagram.

He said:

Quote

Earlier, Muthiyah detected on Facebook a flaw in data deletion as well as a data disclosure bug. With the first bug, all your photos could be wiped out without needing your password while the second could go through all the pictures on your Facebook without account access permission once you install a seemingly-harmless mobile app.

Ducklin said:

Quote

Thanks to the discovery of Muthiyah, Facebook could fix the issues before the bugs could become public before other people could find them.

Comments

Sort by Newest | Popular

Next Story