A young hacker
here in Kollam has received a Rs 10.70 lakh ($16,000) bounty after finding a
vulnerability in Facebook code.
Facebook began
the bug bounty programme in 2011, under which people who notify flaws on its
website are given a reward.
Arun S Kumar, a
20-year-old computer engineering student at the MES Institute of Technology and
Management in Chathannoor, exposed a critical vulnerability in Facebook
Business Manager which would allow a hacker to take control over the Facebook
page in less than 10 seconds.
"Since the
hacker would be able to manipulate the page of any Facebook user, the damage it
would bring is beyond imagination," said Arun while speaking to TOI
He detected the
bug on August 29 and reported it to the Facebook security team. One of them
wrote back to him the very next day saying how his discovery helped them
prevent a massive security breach. The team fixed the bug by September 6 and
after three days Arun got a mail from them informing him of their decision to
reward him.
Arun has a
history of bug hunting. He had spotted many bugs in Google and Facebook in the
past. Facebook had paid out a Rs 7 lakh bounty to him in April for finding a
vulnerability. The young techie has received about Rs 30.85 lakh ($46,000) in
payouts for hunting down bugs in the past three years.
Facebook had
invited him in August this year along with three other hackers from different
countries for a meeting with its security members at Las Vegas. He was also awarded
the tenth place in the Facebook's hall of fame of the white hat hackers. He is
the only Indian to be honoured in the website's hall of fame.
A native of
Mundakkal here at Kollam, Arun is a year away from completing his degree. He
said he wished to use the prize money to fund his higher education abroad. His
father, P S Sureshkumar, is a clerk with the state government and mother,
Nagalakshmi K, a housewife.