Facebook awarded Bengaluru-based white hat hacker Anand Prakash $15,000 after he discovered a security flaw. The 23-year-old found a bug in Facebook’s login system which hackers could potently use to access users’ accounts including their bank details through the payment section.
Image Courtesy: Twitter
When a user resets her account’s password, Facebook sends a six-digit code to the user’s phone or email. The code will then have to be entered in order to complete the process. Prakash (in a post on his blog) said that although he couldn’t access the code he tried to manually duplicate the code by trial and error. The website blocked him after 12 attempts. But the beta version of Facebook allowed him to access the reset section after his 899th attempt.
According to a report by Deccan Chronicle, Prakash—a Flipkart employee—is ranked 4th and 3rd in Facebook’s bounty programme for finding maximum bugs in 2015 and 2014.
