Facebook Awards Tamil Nadu Boy $12,500 For Spotting A Bug That Could Delete Users' Photo

Lakshman Muthiyah, a web developer from Tamil Nadu, India, just became richer by $12,500 (approx. Rs.7.8 Lakh). The money came was awarded to Muthiyah as a reward from social networking giant Facebook for spotting a bug in their social networking site.

Muthiyah informed Facebook about the bug in their site, which allowed anyone to delete anyone’s Facebook’s album, on February 10. He received an email from the Menlo Park, California based company the same day. The mail said, “After reviewing the issue you have reported, we have decided to award you a bounty of $12,500. Muthiyah is a part of a growing breed of bug hunters for the social networking giant in India.

According to Facebook, India has the second largest population of bug hunters trying to spot cyber vulnerabilities like cross scripting and weak data security in the social networking site. The United States has the largest population of bug hunters for Facebook, followed by India, the United Kingdom, Turkey and Germany.

The California based company has already rewarded about 329 people under its bug bounty program, in the past two years. The payouts have cost the company more than $ 1million till now. Facebook was alerted about a similar bug in 2013 by Arul Kumar, a graduate from Coimbatore, India. He was also rewarded $12,500 by Facebook.

Muthiyah gave a detailed explanation about how he discovered the bug in Facebook on his personal blog. According to him, Facebook apps make use of Graph API software to read and write user data.  Each time a person makes use of the social networking site to run a task- such as change a photograph or access an application- this software ends up generating a ‘token’ for it.

While hunting for a hug in the social networking site, Muthiyah tried deleting his own Facebook photo album from his profile using one such token, and when that did not work out, he found out that by inserting another kind of token-basically used for accessing the social networking site on Android Smartphones- he could delete anyone’s Facebook album by just entering its unique tag.

The social networking giant has bug hunters around 51 countries around the world.

Post a Comment

Previous Post Next Post

Related Readings