Connect with us

News

Indian Developer got a whooping reward from Instagram, Know why?

Published

on

Instagram reward

HIGHLIGHTS :

  • Instagram rewarded an Indian developer $30,000 (approximately Rs 21,99,699) for detecting a dangerous bug.
  • Indian researcher Laxman Muttiah received $50,000.
  • The attacker was able to gather details about specific media and subsequent filters.

Indian developer has been rewarded $30,000

An Indian developer has been rewarded $30,000 (approximately Rs 21,99,699) by Instagram for flagging a bug. According to the report, the detected bug could allow anyone to view archive posts, stories, reels, and IGTV without following a user, even when the profile is private.

Re-generate valid CDN URLs of archived stories

Indian developer, Mayur Fartade informed about the issue in a post on Medium. He added that the bug could allow a potential attacker to “re-generate valid CDN URLs of archived stories and posts. In addition, based on the media ID, the attacker was able to gather details about specific media and subsequent filters.” Saksham was private and archived.” He also said that the entire timeline from raising the issue to fixing it was about two months.

This bug could have been dangerous

The bug may not seem as dangerous at first as it required attackers to know the media ID associated with an image, video, or album by forcing identifiers. However, Furtade showed that it was possible to prepare a POST request to a GraphQL endpoint and retrieve sensitive data.

Facebook also impressed

Facebook then responded by saying that they uncovered a scenario that could allow a Malaysian user to view targeted media on Instagram.

In March, Indian researcher Laxman Muttiah received a $50,000 (approximately Rs 36,66,165) award by Microsoft under the company’s bug bounty program.
Microsoft honored an Indian researcher for spotting a loophole that could hijack one’s Microsoft account. They had previously found an Instagram rate limiting bug that could have helped hijack someone’s account. Then he checked the same flaw in Microsoft’s account.

Microsoft issued a $50,000 award

According to Muttiah, the loophole “could have allowed anyone to take over any Microsoft account without consent [or] permission.” Microsoft issued a $50,000 award through the HackerOne bug bounty platform.

Instagram (commonly abbreviated to IG, Insta, or the gram) is an American photo and video-sharing social networking service created by Kevin Systrom and Mike Krieger. In April 2012, Facebook acquired the service for approximately US$1 billion in cash and stock. The app allows users to upload media that can be edited with filters and organized by hashtags and geographical tagging.

Also Read :

Twitter’s DM search bar feature will make messaging smooth for Android users

PUBG Mobile Traverse 1.4 global version update: Global APK link Out!!

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Copyright © 2020 - 2021 TechZimo.com, All rights reserved.