Indian Hackers Have Made Nearly Rs 5 Crore Hunting Bugs
Indian researchers top the list when it comes to finding and reporting Facebook bugs , the social media giant has revealed. They also top the list when it comes to receiving the most bounties paid from the company, it added.
“India has long topped the list of 127 countries whose researchers contribute to our bug bounty program. It also holds the top position for the country receiving the most bounties paid,” said Facebook.
Facebook has paid over Rs 4.84 crore to bug hunters in India, since the inception of its bug bounty program in 2011.
“The Facebook bug bounty program pays out based on a bug’s risk, rather than its complexity or cleverness. This means you can maximise the value of your report by focusing on high-impact areas and submitting good quality reports,” the company said.
Once a bug is pointed out to them, Facebook looks into its impact and determines “what could possibly go wrong, and who would be affected.” It also looks into how difficult it is to exploit the vulnerability and the kind of resources that it would take for a hacker to exploit the same before passing it off as a threat. This is because, “sometimes what may seem like a bug is actually a feature designed to give people a better experience on Facebook.”
The company receives “more and more high-impact bugs from India each year,” it revealed.
Only this month, Bengaluru-based hacker, Anand Prakash found (and reported) a critical flaw in Facebook’s log-in system that could have been used by miscreants to hack into other user’s Facebook account easily.
The flaw could give a hacker full access to a user’s “messages, his/her credit/debit cards stored under payment section, personal photos etc.” Facebook acknowledged the issue and fixed it. Anand was rewarded $15,000 in reward for bringing the vulnerability to light.