FB awards $1.98mn to researchers for finding bugs in 2020

Facebook awarded over $1.98 million to researchers from more than 50 countries this year for reporting bugs on its platforms. The biggest bug bounty, $80,000, was given for identifying a low-impact issue in its Content Delivery Network (CDN).

The top three countries based on bounties awarded this year are India, Tunisia, and the US, Facebook said in a statement on Thursday.

“Since 2011, we’ve received more than 130,000 reports, of which over 6,900 were awarded a bounty. This year, we received around 17,000 reports in total, and issued bounties on over 1,000 reports,” Facebook said.

The Facebook bug bounty program helps it detect and fix issues faster. Over the past 10 years, more than 50,000 researchers joined this program and around 1,500 researchers from 107 countries were awarded a bounty.

Security researcher Selamet Hariyanto identified a low-impact issue in Facebook's CDN, a global network of servers that delivers content to people accessing its platform around the world.

“After fixing this bug, our internal researchers found a rare scenario where a very sophisticated attacker could have escalated to remote code execution,” Facebook said.

This fall, Natalie Silvanovich of Google’s Project Zero reported a bug that could have allowed an attacker logged in on Messenger for Android to simultaneously initiate a call and send an unintended message type to someone logged in on Messenger for Android and another Messenger client (i.e. web browser).

“After fixing the reported bug server-side, our security researchers applied additional protections against this issue across our apps that use the same protocol for 1:1 calling. This report is among our three highest bug bounties at $60,000, which reflects its maximum potential impact,” the social network said.

Facebook recently launched Bug Description Language, a tool that helps researchers quickly build a test environment to show how a bug can be reproduced.

“We also created Hacker Plus, our own rewards program, to add bonuses, badges, early access to soon-to-be-released products and features, exclusive invites to bug bounty events, and more. Since its launch just last month, we’ve awarded $40,000 in bonuses.”
