Facebook Pays Bug Hunters $1 Million, India Second Biggest Recipient

Now Reading
Facebook Pays Bug Hunters $1 Million, India Second Biggest Recipient

Browse This Page
Share via

The social media giant ‘Facebook’ has paid over 1 million USD to security researchers  who report bugs on their website, with India being the second biggest recipient among other countries. India has over 78 million Facebook users, and now is one of the fastest growing in the Bug Bounty program. The social networking major said 329 people have received rewards, including professional researchers, students and part-timers. The youngest recipient was 13 years old.

A software bug is an error, flaw, failure, or fault in a computer program or system that produces an incorrect or unexpected result, or causes it to behave in unintended ways. Most bugs arise from mistakes and errors made by people in either a program’s source code or its design, and a few are caused by compilers producing incorrect code. 

 As per Facebook To qualify for a bounty, you must:

  • Adhere to the Responsible Disclosure Policy of Facebook.  
  • Be the first person to responsibly disclose the bug
  • Report a bug that could compromise the integrity of Facebook user data, circumvent the privacy protections of Facebook user data, or enable access to a system within the Facebook infrastructure, such as:

    • Cross-Site Scripting (XSS)
    • Cross-Site Request Forgery (CSRF/XSRF)
    • Broken Authentication (including Facebook OAuth bugs)
    • Circumvention of our Platform/Privacy permission models
    • Remote Code Execution
    • Privilege Escalation
    • Provisioning Errors
  • Use a test account instead of a real account when investigating bugs. When you are unable to reproduce a bug with a test account, it is acceptable to use a real account, except for automated testing. Do not interact with other accounts without the consent of their owners.
  • Reside in a country not under any current U.S. Sanctions (e.g., North Korea, Libya, Cuba, etc.

Facebook offers great prize money which is a minimum of $500 and there is no maximum amount they have quoted, as each bug is awarded a bounty based on its severity and creativity.

Our Bug Bounty program allows us to harness the talent and perspective of people from all kinds of backgrounds, from all around the world,Two of the bounty recipients have taken up full-time jobs with the Facebook security team” Facebook Security Engineer Collin Greene said 


What's your reaction?
I Want This
About The Author
Preetish Gumber
iGyaan's New Brain key, Conceptual thinker, Work horse, Photography lover and tech writer catch him on Google Plus : Google+