Instagram security flaw discovered by a Nepali guy !!! $6000 rewards !!
Instagram has given a $6,000 reward to a 21 year old Nepali man after he discovered a problem with the company's server.
The company has given a prize money to Saugat Pokhrel, a Nepalese cyber security researcher, for discovering this security flaw. Pokhrel, while using his data download tool on Instagram, found that the photo and message he had deleted long ago was still on Instagram's server.
It is considered normal for users to stay on companies' servers for a few days after deleting photos and messages. Instagram also says that it takes 90 days for a user to delete photos and messages from their server.
However, Pokharel informed the company about this flaw, last October after finding out that the data he had deleted a year ago was still on Instagram's servers. Twitter, Instagram and Facebook have given their users' the access to the data download tool which helps them to know about their data on the company's servers.
Pokhrel, a student of BSc in Physics at Amrit Science Campus, said the company paid him $6,000 for his findings.He reported about the security breach last October and received the prize money on the 7th of February.
This was made public only after the security vulnerabilities were resolved. Pokhrel made it public in a technology news website after Instagram had resolved the security vulnerabilities and also allowed Pokhrel to publicly speak about it. Despite the security flaw, Instagram has ensured that it had not been misused yet.
Pokhrel pointed out the security vulnerability last October through Instagram's Bug Bounty program. The company solved this problem a few weeks ago.
A similar security vulnerability was discovered on Twitter last year. Twitter had a problem of having a direct message on the company's server even when the user deletes it and closes the account which was later solved.