One of the worst kept secrets of Facebook

Everyone I know uses one social media platform or another – But did you know Facebook offers a “Bug Bounty”?

 

I’m guessing you’ve never heard of a Bug Bounty. Well in layman’s terms a bug bounty is a financial reward given to you by Facebook in exchange for issues reported directly to them rather than publicised in the media. One member of the public discovered a flaw that could have allowed Facebook users’ accounts to be hijacked.

A  recent find involved an image that could be embedded with malicious code, which would enable its owner to take over a Facebook account once a particular member had clicked on it – a vulnerability known as cross-site scripting. discovered a flaw that could have allowed Facebook users’ accounts to be hijacked

It would not have affected the user’s computer, but would have enabled their account to be accessed and controlled remotely – including sending private messages, posting links and picture, discovered a flaw that could have allowed Facebook users’ accounts to be hijacked

No-one is know to have exploited it

“Facebook were pretty pleased. They managed to get a quick fix – within six hours. They are a great company to report bugs to, they take it seriously.”

Mr Whitton said, he was the first person to find this bug.

A permanent fix took longer, which is why he is only now able to talk about the bug although he found it last year in 2015. This is not the first Bug Bounty Mr Whitton has made a claim for though. In the past he netted a cool £18,000. Happy hunting.

About the Author

Andy is the Managing Director of ITexpress, and writes about whatever interests him within the IT industry, and sometimes outside the industry too!