Hacker’s Work Prevents Hackers From Breaking Into User Profiles
Note: We may earn a commission from products or services when you click on a link and make a purchase.
A Solapur-based hacker identified a malicious virus targeting Instagram users which would give threat actors access to the private photos and videos of victims. According to a blog post written by the hacker, Mayur Fartade, this access would have the potential to grant access to Instagram posts, stories, reels, and IGTV without the prerequisite of following users. Instead, a brute-force tactic would be used.
The information obtained using the Instagram virus could then be used to access other accounts linked to Instagram, such as Facebook.
Mayur reported the bug on April 19. After Facebook fixed the security flaw on April 29, they awarded Mayur $30,000 for his contribution according to a report on The Federal.
The importance of this discovery is demonstrated in the amount of Mayur’s award. Data leaks and breaches can cost corporations such as Facebook millions in fines and legal fees.
Previous Facebook Data Leaks
In April of this year, Facebook faced the threat of lawsuit in Ireland for failure to report an initial data leak in 2019 that then resulted in a massive breach two years later. Despite Facebook’s claim to have fixed the issue, the personal data of 533 million Facebook users was found for sale on the dark web. The media giant faced not only the lawsuit but also a pending GDPR fine. For perspective, Twitter was issued a $547,000 GDPR fine for a data leak they reported according to the procedure. Facebook would likely face a larger fine for failure to report.
Investigators, such as Mayur Fartade, may play a large role in the future of cybersecurity. IT departments within companies are often stretched thin, overseeing the company’s technological functions. Outside parties who are able to dedicate their full attention to finding threats and vulnerabilities may find more success in solving such issues.
Facebook Bug Bounty Program
Facebook has a bounty program that encourages external security researchers to find and report security vulnerabilities in Facebook or any of Facebook’s family companies. The page states:
“Facebook recognizes the value external security researchers can bring to the security of Facebook systems, and we welcome and seek to reward eligible contributions from security researchers…”
For anyone who would like to contribute to keeping our personal information and online data secure, here are 300 Hours of Cyber Security Training for Under $700. This is an invaluable skill for anyone with the goal of entering the cybersecurity field. If you are already familiar with coding and programming, Microsoft released an open-source simulator called CyberBattleSim for those who want to practice finding malware and other threats in computer systems.
The world is in need for more cybersecurity specialists to meet the rising volume and sophistication of cyberattacks. Companies have expressed their inability to handle both in-house needs and implement appropriate cybersecurity measures, so it is not out of question to wonder whether or not we will see more bounty programs emerge.