comscore Indian cybersecurity researcher gets $6,500 for spotting a security bug
  • Home
  • News
  • Indian cybersecurity researcher gets $6,500 for spotting Uber hacking bug
News

Indian cybersecurity researcher gets $6,500 for spotting Uber hacking bug

News

Uber has paid $6,500 to an Indian cybersecurity researcher, named Anand Prakash, who discovered a serious security bug. The company has already fixed it as the bug would have allowed any hacker to take over a user's account.

  • Published: September 15, 2019 5:40 PM IST
uber 1

Uber has paid $6,500 to an Indian cybersecurity researcher, named Anand Prakash, who discovered a serious security bug. The company has already fixed it as the bug would have allowed any hacker to take over a user’s account. This also included the accounts of partners and Uber Eats users. The researcher was given permission to disclose more details of the security bug under the company’s responsible disclosure policy.

As part of the Uber’s bug bounty program, the company then awarded $6,500 to Prakash. Inc42 reported that the bug was present in the API request, where the researcher’s team members were easily able to enumerate Uber users’ UUID. APIs are leveraged to authenticate and secure two services. Prakash explained that “this was because authorization was missing on an endpoint, which resulted in access token leak of Uber mobile apps of other users by just supplying the user id.”

Facebook awards Tamil Nadu man $30,000 for spotting a major bug in Instagram

Also Read

Facebook awards Tamil Nadu man $30,000 for spotting a major bug in Instagram

An Uber spokesperson said, “The bug was quickly fixed through Uber’s bug bounty program, which has paid over $2M USD to more than 600 researchers around the world, including top researchers in India. We are grateful for their contributions to help protect the Uber platform.”

Separately, in July this year, Facebook awarded a Tamil Nadu-based security researcher, named Laxman Muthiyah for spotting a major bug in Instagram. The company gave $30,000 as a part of a bug bounty program after he spotted a flaw in Facebook‘s photo-sharing Instagram app. The researcher said that the vulnerability allowed him to “hack any Instagram account without consent permission.”

Uber launches 24x7 safety helpline in India to improve users' experience

Also Read

Uber launches 24x7 safety helpline in India to improve users' experience

The researcher asserted that hacking anyone’s Instagram account was easy by just triggering a password reset, requesting a recovery code. “I reported the vulnerability to the Facebook security team. They were unable to reproduce it initially due to the lack of information in my report. After a few email and proof of concept video, I could convince them the attack is feasible,” Muthiyah said.

Story Timeline

  • Published Date: September 15, 2019 5:40 PM IST

Trending Today

thumb-img
News
Nokia 3310 Turns 19, and Twitter gets all nostalgic with 'Happy Birthday' tweets
thumb-img
News
Vivo V17 Pro coming with 32MP dual-selfie pop-up camera; India launch this month
thumb-img
News
Reliance JioFiber launching on September 5: All you need to know
thumb-img
News
Motorola One Action now available via open sale in India

Editor's Pick

Indian cybersecurity researcher gets $6,500 for spotting Uber hacking bug
News
Indian cybersecurity researcher gets $6,500 for spotting Uber hacking bug
Tata Sky offering Rs 300 discount on secondary HD Set-Top Box: All you need know

News

Tata Sky offering Rs 300 discount on secondary HD Set-Top Box: All you need know

Nokia 3.2, Nokia 4.2 receive price cut in India: Features, specifications and other details

Deals

Nokia 3.2, Nokia 4.2 receive price cut in India: Features, specifications and other details

Airtel Rs 1,999 VIP broadband plan offers unlimited data with up to 100Mbps speed

News

Airtel Rs 1,999 VIP broadband plan offers unlimited data with up to 100Mbps speed

Lenovo Carme smartwatch first impressions

Review

Lenovo Carme smartwatch first impressions

Most Popular

Lenovo Carme smartwatch first impressions

Realme Buds Wireless Review

Realme XT First Impressions and Hands-on

Vivo Z1x Review

Huami Amazfit GTR 47.2mm Review

Indian cybersecurity researcher gets $6,500 for spotting Uber hacking bug

Tata Sky offering Rs 300 discount on secondary HD Set-Top Box: All you need know

Airtel Rs 1,999 VIP broadband plan offers unlimited data with up to 100Mbps speed

Realme 5's new software update brings Digital Wellbeing, camera improvements and more

CAIT seeks ban on festive season sales by Flipkart, Amazon and other e-commerce players

Samsung DeX on Galaxy Note 10: Run Android apps on PC or TV

MediaTek takes on Qualcomm in the most significant way yet

Tata Sky Binge vs Dish TV d2h magic: Which one is better

Google AR Search lets you see life-sized 3D animals up-close

Vodafone vs Airtel: Best family plans for postpaid users

Related Topics

Related Stories

Indian cybersecurity researcher gets $6,500 for spotting Uber hacking bug

News

Indian cybersecurity researcher gets $6,500 for spotting Uber hacking bug
Facebook explains its use of location data in iOS 13 and Android 10

News

Facebook explains its use of location data in iOS 13 and Android 10
Facebook Dating service launched in US

News

Facebook Dating service launched in US
Facebook database exposes phone number of over 400 million users

News

Facebook database exposes phone number of over 400 million users
Facebook face recognition feature rolling out; to replace 'Tag Suggestions'

News

Facebook face recognition feature rolling out; to replace 'Tag Suggestions'

हिंदी समाचार

Google Pixel 4 XL 5G स्मार्टफोन 8GB रैम और Snapdragon 855 SoC के साथ Geekbench लिस्टिंग पर हुआ स्पॉट

Nokia 3.2 और Nokia 4.2 स्मार्टफोन के दामों में कटौती

Xiaomi के पोर्टफोलियो में जल्द शामिल हो सकते हैं 8K TV

Lenovo K10 Note स्मार्टफोन कल पहली बार सेल पर आएगा, जानें कीमत और सेल ऑफर्स

India vs South Africa 1st T20 : भारत और दक्षिण अफ्रीका के बीच पहला T-20 मैच आज, ऐसे देखें लाइव स्ट्रीमिंग


News

Indian cybersecurity researcher gets $6,500 for spotting Uber hacking bug
News
Indian cybersecurity researcher gets $6,500 for spotting Uber hacking bug
Tata Sky offering Rs 300 discount on secondary HD Set-Top Box: All you need know

News

Tata Sky offering Rs 300 discount on secondary HD Set-Top Box: All you need know
Airtel Rs 1,999 VIP broadband plan offers unlimited data with up to 100Mbps speed

News

Airtel Rs 1,999 VIP broadband plan offers unlimited data with up to 100Mbps speed
Realme 5's new software update brings Digital Wellbeing, camera improvements and more

News

Realme 5's new software update brings Digital Wellbeing, camera improvements and more
CAIT seeks ban on festive season sales by Flipkart, Amazon and other e-commerce players

News

CAIT seeks ban on festive season sales by Flipkart, Amazon and other e-commerce players