Facebook Raises Payment For Its Bug Bounty Program

Kumari Shrivastav - Oct 17, 2019


Facebook Raises Payment For Its Bug Bounty Program

Facebook said that it will be broadening a number of well-established bug bounty programs which include bounties for hackers finding rare vulnerabilities.

On Tuesday, Facebook said that it will be broadening a number of well-established bug bounty programs which include bounties for hackers finding rare vulnerabilities. It has also been upgrading several of its security and protection initiatives.

According to the company's blog posts, it would provide more ways for security researchers to help them detect and disclose flaws in third-party sites and apps integrating with the social network.

facebook-bug-bounty-program-1

As stated by Dan Gurfinkel, the engineering security manager at Facebook, researchers are now not limited to just "passively observing the vulnerability."

That means if authorized by the third party, they can test these apps actively to detect security issues, Facebook stated. So instead of finding bugs by observing an app's traffic, security researchers now look into how a third-party app can abuse user data.

Gurfinkel also said:

Capture

facebook-bug-bounty-program-2
Bug hunters can now test third-party apps if authorized

The lowest amount of a bug is Rs 35,682 and will change depending on how severe the bug is. Besides, researchers are required to show proof that they got authorized by the third party to conduct tests.

In September 2018 saw the first announcement for Facebook’s bug bounty program which aimed at how users' personal data could get leaked via unreliable developers that the company cannot control.

The Cambridge Analytica scandal last year marked the first red flags of privacy concerns from third-party apps for Facebook. Developers created Facebook apps to harvest data for Cambridge Analytica researchers, which threatened user privacy and caused potential political interference.

Security researcher, in April, discovered a Facebook open database that a media firm harvested using an app on the platform.

Bug bounties allow Facebook to broaden the search for data-harvesting apps though it already has a security group for the task. In March last year, the social giant first expanded its own bug bounty program and began considering such apps to be security flaws.

facebook-bug-bounty-program-3
Facebook expands its bug bounty programs after the scandal in 2018

Not only Facebook but also Apple has been revamping bug bounty programs with the highest offer of $1 million for high-level hacks. Rather than abusing flaws, security researchers now search for flaws and bugs that hunters could take advantage of and get remunerated for informing the company.

The bounty often rises in accordance with the rarity of the bug. Often, native code bugs are harder to find as they are hidden deep in the service; therefore, the social network decided to increase the reward for them.

facebook-bug-bounty-program-4
The valuable reward of thousands of dollars for successful hacks

The whole bug payout with a bonus of Rs 10.7 lakh will be given to researchers finding and reporting a zero-click flaw in the Messenger app on iOS if they can provide a proof-of-concept to it, said Facebook. This type of flaws is rare since they don't need to interact with users to affect them.

In November, there will be Pwn2Own Tokyo -  a hacker meeting, where the company said it would bring its hardware so that hackers can discover vulnerabilities. In March, Tesla showed a car in Pwn2Own Vancouver and fortunate hackers gained it alongside a reward of Rs 24.98 lakh.

A reward of Rs 42.8 lakh and Rs 28.5 lakh are offered for effective hacks of Facebook Portal Device and Oculus Quest, respectively.

2 Comments

Sort by Newest | Popular

I can’t believe going into a relationship with a cheater, I noticed my husband is cheating so I have to search a for a very good hacker on the internet which I found tomcyberghost tho i was so curious contacting him but he assure me before I can give a trial, you can’t believe Mr Thomas hack into my husband phone without him knowing I can now receive all copy of his message and calls right from my phone, anyone who need the service of an hacker should contact him via tomcyberghost@gmail.com or phone: +1 (720) 794-1811, WhatsApp +13047457645

...see more

if you ever require the services of a hacker to help hack your spouse Facebook account and get access to the account, i suggest you contact the best and efficient hackers called tomcyberghost, they will help you get your job completed and smoothly. I was able to hire the services of an elite, asides the fact that he provided a good service, he also gave a very efficient customer experience. he carried me along with every process and didn’t leave me in the dark. Contact him via email: tomcyberghost@gmail.com Text/call +1 (720) 794-1811, whatsapp +13047457645

...see more
Next Story

Read more

Elon Musk Eyes Indian Market: Tesla’s Next Big Move?

Features- Feb 26, 2025

Elon Musk Eyes Indian Market: Tesla’s Next Big Move?

Amid slowing global sales and political tensions, Tesla is making strategic moves to enter one of the world’s fastest-growing automotive markets - India.

Elon Musk's Federal Workforce Overhaul: AI Takes the Helm

ICT News- Feb 26, 2025

Elon Musk's Federal Workforce Overhaul: AI Takes the Helm

Elon Musk is shaking up the U.S. federal workforce with a drastic measure—leveraging AI to determine who's essential and who's expendable.

Microsoft Surface: A Shift from Innovation to Stability?

Review- Feb 27, 2025

Microsoft Surface: A Shift from Innovation to Stability?

Will AI Kill Coding Jobs? The Truth Might Surprise You

ICT News- Feb 26, 2025

Will AI Kill Coding Jobs? The Truth Might Surprise You

For years and now more than ever, we’ve heard that AI is coming for everyone’s jobs—from truck drivers to customer service reps. But what about programmers?