Instagram bug bounty: Indian student bags whopping $45,000 reward

tech.hindustantimes.com:

A student, Neeraj Sharma who hails from Jaipur, has received a whopping amount of $45,000 from Meta owned instant messaging app Instagram for saving the data of millions of users. Neeraj has found a dangerous bug that could give access to social media accounts of users to hackers. As per reports, the Instagram bug was capable of changing thumbnails in any user's account without login and password, making it vulnerable to hackers. Sharma informed Instagram and Facebook about this bug and after it was verified, he was given a Rs. 38 lakh reward by the social media platform.

Sharing details about the bug, he told IANS, “There was a bug in Facebook's Instagram, through which the thumbnail of the reel could have been changed from any account. All it required was the media ID of the account to change it no matter how strong the password of the account holder is.” He further added that he started finding this fault in his Instagram account in December last year and almost after a month, on January 31, he figured out about the bug. After that, he reported the same to Facebook on Instagram And received a reply from them after three days in which they asked him to share a demo. Also read: Wow! Instagram to let you repost other users' posts, reels just like Twitter

Sharma demonstrated the bug in 5 minutes by changing the thumbnail. The social media platform has approved his report and sent a letter to him on May 11. The letter mentioned that he has been given a reward of $ 45,000 (about ₹38 lakh). That's not all but Facebook has also given $ 4500 i.e, about Rs. 3 lakh as a bonus due to the delay of four months in giving the reward. Also Read: Facebook internet beaming drone completes second test flight

Meta runs a Meta Bug Bounty