shot-button
Ganesh Chaturthi Ganesh Chaturthi
Home > Technology News > Chennai techie finds flaw in Instagram again wins USD 10000

Chennai techie finds flaw in Instagram again, wins USD 10,000

Updated on: 26 August,2019 03:06 PM IST  |  Chennai
mid-day online correspondent |

The new vulnerability that Muthiyah spotted was similar to the one he reported in July and allowed anyone to hack Instagram accounts without consent permission

Chennai techie finds flaw in Instagram again, wins USD 10,000

This picture has been used for representational purpose

Chennai: Just a month after winning USD 30,000 from Facebook for spotting a flaw in Instagram, Chennai-based security researcher Laxman Muthiyah on Monday said that he has yet again discovered a new account takeover vulnerability on the photo and video-sharing app. This time he has won USD 10,000 as part of the social network's bug bounty programme.


The new vulnerability that Muthiyah spotted was similar to the one he reported in July and allowed anyone to hack Instagram accounts without consent permission. Facebook has now fixed the vulnerability that Muthiyah reported.



"Facebook and Instagram security team fixed the issue and rewarded me USD 10000 as a part of their bounty programme," Muthiyah said in a blog post.

Muthiyah found that the same device ID which is the unique identifier used by the Instagram server to validate password reset codes can be used to request multiple passcodes of different users. He showed that this vulnerability can be exploited to hack Instagram accounts.

"You identified insufficient protections on a recovery endpoint, allowing an attacker to generate numerous valid nonces to ten attempt recovery," Facebook said in a letter to Muthiyah.

Edited by mid-day online desk with inputs from IANS

Catch up on all the latest Crime, National, International and Hatke news here. Also download the new mid-day Android and iOS apps to get latest updates

"Exciting news! Mid-day is now on WhatsApp Channels Subscribe today by clicking the link and stay updated with the latest news!" Click here!


Mid-Day Web Stories

Mid-Day Web Stories

This website uses cookie or similar technologies, to enhance your browsing experience and provide personalised recommendations. By continuing to use our website, you agree to our Privacy Policy and Cookie Policy. OK