News

The person who found an important Facebook bug won $100,000!

In the fast-paced world of technology and with the ever-increasing expansion of online advertising, the security of advertising platforms is of particular importance. In October 2024, bN. Sadeghipour, Iranian security researcher, while investigating Facebook’s advertising platform, discovered a dangerous vulnerability that could lead to unauthorized access to the company’s internal servers. This discovery not only highlights the importance of cybersecurity, but also shows how bug bounty programs can be effective in identifying and fixing vulnerabilities.

By carefully examining Facebook’s advertising infrastructure, Sadeghipour noticed a flaw in one of the servers used to create and display ads. This flaw allowed the attacker to take control of the server by executing arbitrary commands. In other words, this vulnerability allowed Sadeghipour to potentially access sensitive information and other parts of Facebook’s internal infrastructure.

The remarkable thing was the speed of reaction of Meta, the parent company of Facebook, to this report. According to Sadeghipour at X, only an hour after the vulnerability was reported, Meta fixed the issue. This speed of action shows the high importance of security for this company and the readiness of its technical teams to deal with cyber threats.

Technically, the vulnerability in question was caused by a default flaw in the Chrome browser used in Facebook’s advertising system. Using a Chrome browser without a graphical user interface (headless Chrome browser), Sadeghipour was able to directly interact with Facebook’s internal servers and take advantage of this flaw.

Related articles

Sadeghipour’s discovery of a security bug in Facebook’s advertising department reminds us of the importance of constantly checking and updating software systems. Even systems that use well-known and widely used software like Chrome can be vulnerable to security vulnerabilities. According to Sadeghipour, online advertising platforms are always an attractive target for cyber attacks due to the large amount of data they process.

Finally, Meta paid Sadeghipour $100,000 as a reward for this important discovery. This action shows that companies value security researchers and encourage them to discover and report vulnerabilities. This approach helps create a safer space in the digital world and protects users from cyber threats.

Source link

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button

Adblock Detected

Please consider supporting us by disabling your ad blocker