Security researcher Laxman Muthiyah, from Indian city of Chennai, has been rewarded by Facebook for identifying the software bug that can allow anyone to hack Instagram accounts without the social media users’ consent.
The reward was given as part of the social network's bug bounty programme – a reward offered by many organisations for reporting bugs, especially those pertaining to exploits and vulnerabilities of the website.
"Facebook and Instagram security team fixed the issue and rewarded me $10,000 (Rs. 720,000 approx.) as a part of their bounty programme," Muthiyah stated in his blog post.
Earlier, Muthiyah was also rewarded the sum of $30,000 (Rs. 21,60,000 approx.) by Facebook for identifying a data deletion bug as well as data disclosure bug on the site.
He said the data deletion bug could have destroyed all the pictures from the social media account without even requiring the password whereas data disclosure bug meant to trick a user to install a mobile app that can riffle through Facebook pictures without even being given access to the account.
"You identified insufficient protections on a recovery endpoint, allowing an attacker to generate numerous valid nonces to ten attempt recovery," Facebook said in a letter to Muthiyah.
Many Indian twitter users cheered for the tech-savvy geek for winning a reward from the American social media giant and hailed him as a hero.
@LaxmanMuthiyah Sir My name is laxman.I'm studying in your college, for past 1 month you are hero in our college (SVCET).I'm proud for keeping your name— Laxman (@Laxman52839578) August 20, 2019
You are inspiring us bro.
— Dewanand Vishal (@dewcode91) August 16, 2019