Hacker from Chennai discovered bug in Instagram, got reward of Rs 7.17 lakh

Hacker from Chennai discovered bug in Instagram, got reward of Rs 7.17 lakh


Chennai's security researcher Laxman Muthiah received a big gift from Facebook-owned photo sharing platform Instagram. Laxman had discovered a flaw associated with this platform, with the help of which other users' accounts could be taken over or hacked. Laxman has received a reward of $ 10,000 (about Rs 7.2 lakh) Hacker from Chennai discovered bug in Instagram, got reward of Rs 7.17 lakh




Chennai's security researcher Laxman Muthiah received a big gift from Facebook-owned photo sharing platform Instagram. Laxman had discovered a flaw associated with this platform, with the help of which other users' accounts could be taken over or hacked. Laxman has received a reward of $ 10,000 (about Rs 7.2 lakh) from Instagram for finding and reporting this deficiency associated with the photo-video sharing app.  Hacker from Chennai discovered bug in Instagram, got reward of Rs 7.17 lakh This reward has been received from the social network's bug bounty program, which encourages rewarding those who detect the flaws.




It has been said by the hacker that Facebook has now fixed this bug. In a blog post, Laxman said, "The security team of Facebook and Instagram has overcome the flaws and has given me a reward of $ 10,000 under their bounty program." The hacker also noticed a similar flaw in Instagram last month, for which he received a reward of $ 30,000 (about Rs 21.5 lakh) from the bounty program of Instagram.


Passcode Mechanism Bypass Risk

The first flaw detected by the hacker was that while the six digit passcode that was found while resetting the Instagram account could bypass the rate-limited mechanism, now with the help of the device ID and password reset code with the help of the disturbance, the multiple account Could be hacked. Laxman explained this mess in his blog post.  Hacker from Chennai discovered bug in Instagram, got reward of Rs 7.17 lakh In this, whenever a user requests a passcode from his mobile device, the randomly generated ID also goes with the request.
Multiple accounts could be hacked simultaneously





 Hacker from Chennai discovered bug in Instagram, got reward of Rs 7.17 lakh Passcodes are verified with the help of Device ID. Laxman wrote, 'There will be about 10 lakh sets of what will be 6 digit passcodes. In such a situation, the risk of hacking accounts is also increasing due to requesting passcode for multiple users. In such a situation, to reduce these sets, the attacker will have to request passcode from more users. In such a situation, if the hacker requests passcode from 10 lakh users, then his success rate will be 100 percent. In such a situation, if the attack is kept within 10 minutes, before the code expires, it can hack all 10 lakh accounts. Hacker from Chennai discovered bug in Instagram, got reward of Rs 7.17 lakh