How a 22-year-old was paid $15,000 by Facebook

Anand Prakash,Image courtesy Lemon Studio 

Last week we woke up to the news of a 22-year old Security Engineer at Flipkart discovering a bug in Facebook that could grant access to messages, credit/debit cards tied to the account and personal photos and other personal information. All without the user’s knowledge.

Anand Prakash, who discovered the bug and informed Facebook about it, was rewarded $15,000 (approx Rs 10 lakh) for discovering the vulnerability which could be disastrous for the Menlo Park-based company.

Head over to Prakash’s Twitter page and in addition to his work title, his bio says “bug bounty hunter”. On being asked to elaborate, he said, “A bug bounty program is a deal offered by many websites and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to exploits and vulnerabilities.

These programs allow the developers to discover and resolve bugs before the general public is aware of them, preventing incidents of widespread abuse.”

Prakash spends around 2-4 hours in a week, mostly on weekends, discovering bugs. He discovered the Facebook bug, for which he won $15,000, in around 20 minutes. According to him, it was "easy to find".

Apart from Facebook, he has also identified bugs for Twitter, Google, RedHat, Adobe, and many other US based companies, for which he has won rewards at time as well. In India, he has helped Zomato plug a loophole as well, for which he got a ‘Thank You’ message in place of a monetary reward.

For Latest Update Like:  
Us on Facebook: http://facebook.com/naijaeyezblog
Follow Us on Twitter: http://twitter.com/naijaeyezblog