A Chennai-based security researcher, named Laxman Muthiyah, has again spotted a flaw in Instagram. The researcher discovered a new account takeover vulnerability on the app. Laxman is the same person who was recently awarded $30,000 for discovering a flaw in Instagram. The researcher asserted that he again discovered a new account takeover vulnerability and won $10,000 as part of Facebook‘s bug bounty program.
The new vulnerability that Muthiyah spotted was similar to the one he reported in July. The flaw that he reported last month allowed a user to hack Instagram accounts without consent permission. Facebook has now fixed the vulnerability that Muthiyah reported.
“Facebook and Instagram security team fixed the issue and rewarded me $10,000 as a part of their bounty program,” Muthiyah said in a blog post. Muthiyah found that the same device ID – the unique identifier used by Instagram server to validate password reset codes. It can be used to request multiple passcodes of different users.
Besides, it was recently reported that TikTok, the popular short-video sharing app, has emerged as the most download social media app on the App Store. While it remains popular, TikTok failed to beat Facebook, which remains the most downloaded app in terms of overall downloads. The social media giant saw its flagship app register 56 million installs in July 2019.
The social media giant saw its flagship app register 56 million installs in July 2019. India contributed 23 percent of the total downloads of Facebook in July, followed by Indonesia at 11 percent. Instagram, Likee and Snapchat round up the list of top downloaded social media applications for July 2019.
– With inputs from IANS