Indian hackers are top of earning bounty from Facebook Bounty of crores rupees i.e. reward to Indian Hackers. In fact, tech companies such as Facebook run bug bounty programs, whereby loopholes, which are also called bugs, are rewarded for finding. Recently, Facebook increased bug bounty for account takeover.
A computer science student from Tamil Nadu, Laxman Muthiyah, has exposed one of the biggest drawbacks of Instagram, under this drawback, an Instagram account could be hacked. There was no need for the user's concert for this.
Facebook and Instagram corrected this flaw, and Laxman has given a reward of 30,000 dollars (approximately 20.56 lakhs) to Facebook. According to Laxman, he has found a bug in Instagram that is in the way of resetting passwords. He said that he could hack any Instagram account because of this bug.
26-year-old Laxman Muthiyah has said during the talks with Tech to date that he started paying attention to the bug bounty since 2013. There have been some successes in 2015. Even before that, he got a $ 10,000 bounty from Facebook, then he found a bug looking at the private photo. He has said that security research is part of his work and he is working on software development.
According to Laxman Muthiyah, this bug was in Instagram's Password Recovery System. In this way, any hacker could hack any Instagram user's account by resetting the password. In fact, whenever a user resets the password, Instagram sends the verification code 6 digits to his mobile number. Laxman got a bug in which he sent a thousand requests from different IP addresses to test.
Explaining further that if the verification of 10 lakh codes for verification can be changed, then the password of any account can be changed. According to Laxman, they can hack accounts by sending 200 thousand requests from 100 different IP addresses. Laxman Muthiyah gave the information to Facebook, after which Facebook has fixed this bug. At the same time, Facebook rewarded him with a reward of 30,000 dollars or about 20,55,645 rupees.