Facebook has awarded an Indian security researcher $12,500 (£8,121) for discovering a bug that allowed anyone to surreptitiously delete another user’s photo album on the social network.
Lakshman Muthiyah, a researcher based in Tamil Nadu, said he discovered the flaw while experimenting with Graph API, an application programming interface (API) for reading and writing user data in Facebook applications.
“I immediately reported this bug to the Facebook security team,” Muthiyah wrote. “They were too fast in identifying this issue and there was a fix in place in less than two hours from the acknowledgement of the report.”
Facebook confirmed that Muthiyah had reported the issue through its bug bounty programme.
“We received a report about an issue with our Graph API and quickly fixed it,” the company stated.
India is, after the US, the country from which the most Facebook bug research originates, followed by the UK, Turkey and Germany, according to the company. A similar album-deleting bug was reported by Indian researcher Arul Kumar in 2013, who also received a $12,500 bounty.
The company said 329 researchers have received payments amounting to more than $1m in the past two years through the bounty programme, with the largest single payment being $20,000. Facebook last year doubled its bounty for finding flaws in advertising code.
Other major high-tech companies also offer bounty programmes, including Microsoft, Google and Mozilla.
Google earlier this month said it would begin paying researchers up-front to hunt for flaws in high-profile software and services.
Are you a security pro? Try our quiz!
Thoma Bravo agrees to acquire Darktrace for $5.32 billion in cash, delivering some welcome news…
Customer adoption of AI services embedded in cloud services continues to deliver results for Microsoft,…
TikTok's 'secret source' algorithm is so core to ByteDance, it would rather shut down US…
After relocating from California to Texas in 2020, Oracle's Larry Ellison now reveals plan to…
Share price hit after Meta admits heavy AI spending plans, after posting strong first quarter…
For third time Google delays phase-out of third-party Chrome cookies after pushback from industry and…