Facebook rewards Rs 22 lakh to Indian hacker Mayur Fartade for highlighting Instagram bug

An Indian hacker has been awarded Rs 22 lakh by Facebook for discovering malicious bugs on the Instagram app. Despite the profile being private, the discovered bug allowed anyone to view archived posts, stories, reels, and IGTV without following the user. Due to this bug, it would have been easy for the hackers to gain illegal access to private details like-- pictures, videos of users without following them. After the complaint, Facebook had now addressed the bug.

Mayur Fartade, a Solapur-based hacker was able to spot the bug. Taking to Twitter, Fartade shared a post where Facebook thanked him for highlighting the issue and awarded him the amount.

Facebook awarded Fartade 22 lakh (3000$) and said, "The report highlighted a scenario that could have allowed a malicious user to view targeted media on Instagram. This scenario would require the attacker to know the specific media ID. We have fixed the issue. We look forward to receiving more reports from you in the future", read the statement.

Mayur had informed Facebook about this Instagram bug on April 16. After this, the company patched it till June 15. Generally, bounty hunters are asked to keep it a secret until the problem is resolved so that no one takes advantage of it. According to Mayur, he also disclosed the second endpoint on 23 April.

Bug Bounty

Usually, Bug bounty programs are organized by big companies. Under this, they reward people after they report a defect on the website or other platform of these companies. For this, the company has to be briefed about the flaws or bugs and details have to be provided. After this, the company decides how serious this flaw is. Based on the severity of the flaw or bug, the reward amount is decided by the company.

(Image Credits: Twitter-@mayurfartade/Pixabay)