Facebook, the world's largest social media platform, has rewarded Indian hacker Anand Prakash with US $15,000 for detecting a bug in the login system of the Facebook page. The Bengaluru-based Prakash found a vulnerability on Facebook that could have been used to hack into any user account easily, without any user interaction. This could give full access to view messages, credit/debit cards stored under the payment section, personal photos and much more.
In a blog post, Prakash stated, “Whenever a user forgets his password on Facebook, he has an option to reset the password by entering his phone number/email address and Facebook will then send a 6 digit code on his phone number/email address, which can be used in order to set a new password.” He added that he tried to brute-force the 6-digit code on Facebook and was blocked after 10-12 invalid attempts.
Prakash further said that he looked for the same issue on beta.facebook.com and mbasic.beta.facebook.com and found that rate limiting was missing on the ‘forgot password’ endpoints there. He tried to take over his own account and succeeded in setting a new password for it. He could then use that new password to log in to the account.
Facebook, for its part, acknowledged the issue promptly and has resolved it. Facebook has also rewarded Anand Prakash with $15,000 (approximately Rs 10 lakh) considering the severity and impact of the vulnerability in its login system.
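A server-side mitigation for the flaw described above, as an added example that is not from Prakash's post or Facebook's code: failed reset-code attempts are counted per account in one shared store, so the limit holds on every host that serves the ‘forgot password’ endpoint. The class name, the limits and the `host` parameter are assumptions made for illustration.

```python
import hmac
import secrets
import time

MAX_ATTEMPTS = 10        # assumed limit (the article reports a block after 10-12 tries)
CODE_TTL_SECONDS = 600   # assumed lifetime of a reset code


class ResetCodeStore:
    """Reset-code state keyed by account only and shared by every front-end host."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._state = {}  # account_id -> [code, expires_at, failed_attempts]

    def issue(self, account_id):
        # Issuing a code resets the counter, so issuance must be throttled too (not shown).
        code = f"{secrets.randbelow(10**6):06d}"
        self._state[account_id] = [code, self._clock() + CODE_TTL_SECONDS, 0]
        return code

    def verify(self, account_id, submitted, host):
        # `host` is accepted for logging only. It is deliberately NOT part of
        # the key, so moving to another host does not reset the counter.
        entry = self._state.get(account_id)
        if entry is None:
            return "no_code"
        code, expires_at, failures = entry
        if self._clock() > expires_at:
            del self._state[account_id]
            return "expired"
        if failures >= MAX_ATTEMPTS:
            return "locked"  # even the correct code is refused until a new one is issued
        # Constant-time comparison on bytes (also safe for non-ASCII input).
        if hmac.compare_digest(code.encode(), str(submitted).encode()):
            del self._state[account_id]  # codes are single use
            return "ok"
        entry[2] = failures + 1
        return "invalid"
```
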