This hacker discovered a way to break into any Facebook account
For about 72 hours, Anand Prakash had the ability to get into any Facebook account he pleased.
Luckily Prakash, a hacker who lives in India, reported the scary vulnerability to Facebook directly in return for a $15,000 payout. In a blog post on Monday, he outlined how he "could have hacked all Facebook accounts."
Here's how he did it.
When you forget your Facebook account password, you're able to request a reset by entering your email address or phone number on the social network's website. A 6-digit temporary login PIN is then sent to the email address or phone number you entered to let you reset the password.
Prakash tried to keep guessing the temporary 6-digit PIN on Facebook's website, but he was blocked after 10-12 attempts. Then he tried the same thing on Facebook's beta site, which is used by developers to test apps on the platform.
Because you can still log into any account on beta.facebook.com, Prakash tried guessing the 6-digit PIN there and discovered that the beta site set no maximum number of attempts, unlike Facebook's normal website. That allowed him to brute-force the PIN by having his computer quickly enter every possible number combination.
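The control that was missing on the beta site, sketched as an added example (this is not Facebook's code): the failed-guess counter is stored with the reset code itself, so every front end that can reach the reset flow shares the same limit. The names `ResetCodeStore`, `MAX_ATTEMPTS` and `CODE_TTL_SECONDS`, and the values chosen for them, are assumptions made for illustration.

```python
import hmac
import secrets
import time

MAX_ATTEMPTS = 10        # assumed limit; the article reports a block after 10-12 guesses
CODE_TTL_SECONDS = 600   # assumed lifetime of a reset code


class ResetCodeStore:
    """Pending reset codes; the failure counter lives with the code, not the front end."""

    def __init__(self, clock=time.monotonic):
        self._pending = {}   # account -> [code, failed_attempts, expires_at]
        self._clock = clock

    def issue(self, account):
        code = f"{secrets.randbelow(10**6):06d}"
        self._pending[account] = [code, 0, self._clock() + CODE_TTL_SECONDS]
        return code          # delivered to the account's email or phone

    def verify(self, account, guess, host):
        # `host` is accepted only to show that it is deliberately NOT part of
        # the decision: production and beta hosts share one counter per code.
        entry = self._pending.get(account)
        if entry is None or self._clock() > entry[2]:
            self._pending.pop(account, None)
            return "no_valid_code"
        if hmac.compare_digest(entry[0].encode(), guess.encode()):
            del self._pending[account]   # single use
            return "ok"
        entry[1] += 1
        if entry[1] >= MAX_ATTEMPTS:
            del self._pending[account]   # burn the code; a new one must be requested
            return "locked"
        return "wrong"


def guess_success_probability(attempts_allowed, digits=6):
    """Chance that distinct guesses hit a uniformly random PIN within the limit."""
    return min(attempts_allowed, 10**digits) / 10**digits
```

With the limit enforced, ten guesses at a 6-digit PIN succeed with probability 0.00001; with no limit the probability is 1. The number of codes issued per account also needs a limit, otherwise each new code grants a fresh set of guesses.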
"I tried to take over my account (as per Facebook's policy you should not do any harm on any other user's account) and was successful in setting a new password for my account," he wrote on his blog. "I could then use the same password to log in to the account."
Prakash immediately reported his findings to Facebook and was awarded a $15,000 bounty for discovering the bug. It's common practice for major tech companies to pay bounties like that when hackers discover critical bugs and report them to the proper people.
"One of the most valuable benefits of bug bounty programs is the ability to find problems even before they reach production," a Facebook spokesperson told Tech Insider. "We're happy to recognize and reward Anand for his excellent report."