Kerala youngster finds Facebook bug, gets massive reward

The bug which Arun identified allows any individual to easily access others' FB accounts without their knowledge or consent.
Kerala youngster finds Facebook bug, gets massive reward
Kerala youngster finds Facebook bug, gets massive reward
Written by:

For 22-year-old Arun S Kumar from Kollam, it has been a very busy two days. On Friday afternoon, the computer engineering student at MES Institute of Technology and Management, Chathannoor, was honoured by his college, a day after receiving a memento at a public function from CPI (M) veteran Pinarayi Vijayan.

His feat- he says he identified a bug on Facebook's site and has been awarded Rs 6.6 lakh by the social networking giant site.

On Tuesday, Arun says, he received an email from Facebook informing him about the $ 10,000 (approx Rs 6.6 lakh) reward, which will be credited to him within 10 days. 

"I am very excited and happy. Yesterday, I got a call from the district unit of the CPI (M) saying they wanted to felicitate me at a public function and today my college honoured me. I feel very proud and it is a special moment for me," an ecstatic Arun tells The News Minute. 

Pinarayi Vijayan/Facebook

Facebook runs a bug bounty programme which recognizes and rewards people for reporting vulnerabilities in their services. The bug, which Arun identified in March and reported to Facebook, is called a Full Account Takeover and it allows any individual to easily access anyone's Facebook account without their knowledge or consent. According to him, the bug would allow a person using a supercomputer to hack into a Facebook account in less than a minute's time. 

“This is a simple vulnerability which could compromise anyone’s Facebook account easily without any user interaction. It allowed me to get into any person’s Facebook account by changing their password and I was able to view their messages, stored credit/debit cards, personal photos, etc. Facebook took more than 3 weeks to fix the bug. And at last it decided to give a reward for it,” he explains. 

When Arun first informed Facebook about the bug, the latter was not convinced, Arun says. "They initially told me that they couldn't reproduce the issue. But then I explained it to them several times and sent them more than five emails before they accepted that it was a valid bug. They then fixed it," he states adding that he had reported many bugs on Facebook's site in the past several months. 

The reward is a very "big amount", says Arun, and he plans to use if for his higher studies which he wishes to pursue abroad. 

Note: The News Minute has written to Facebook seeking a response. The copy will be updated when we receive a reply. 

News, views and interviews- Follow our election coverage.

Related Stories

No stories found.
The News Minute
www.thenewsminute.com