Close to discovering security vulnerabilities on Facebook, which received 11 awards
Lately, Nepali youths have been earning a decent income by discovering bugs (security vulnerabilities) of the world’s largest IT companies.
Finds and reports bugs in their system. The company then rewards the bug if it is valid.
One of them is Aryal near Chitwan. Samip Aryal, 18, is currently waiting for the Class 12 exam.
Starting to detect bugs in early 2020, he has so far earned 10,000 dollars (more than 1.1 million Nepali rupees). After 1-2 friends were inducted into the company’s Hall of Fame, they too became curious about bugs.
‘I’m not a dedicated bug bounty hunter. “One or two of my neighbors started to be inducted into the company’s Hall of Fame,” Samip told ICT News.
“I’ve been hearing from class 9 that the company will provide something if the company’s security vulnerabilities are discovered,” he said.
Hall of Fame is the honor or recognition given to those who help strengthen the company’s cyber security. In which the name of the contributor is listed in the white hat thank list.
Her interest in it grew even more when she found out that her friend was in the Hall of Fame. He is currently listed as number 27 on Facebook’s Hall of Fame. He started detecting his bug from Facebook.
After finding 1-2 bugs on Facebook, he also tried in Google, Netflix, Emo, PayPal and other companies. Although Emo’s bug was valid, he did not receive the award.
‘Emo’s bug was valid. But Emo doesn’t have a bug bounty program, ‘says Samip,’ they didn’t just give thanks and give rewards. ‘
Although Google reported the bug, it was duplicated. Samip also discovered a bug in Netflix but that bug was out of their policy.
Samip says Facebook’s White Hat program is user-friendly. He has received rewards 11 times from Facebook.
Just a few days ago, he discovered the problem of leaking business tokens due to Facebook open redirection as 11 bugs. In which he was given a reward of डलर 500 by Facebook.
He had recently discovered a serious security vulnerability in the messenger chat room.
‘While using the messenger room, my eyes went to the chat bottom. There is also a group chat, ‘he said,’ instead of chatting, you can accept the gallery option and send the photo to the video group. But without unlocking, I found the problem of getting all the access. ‘
He discovered the bug in 5 minutes. Then Samip studied and found that all the Android apps in the world can do this.
He says, ‘This is the fault of Android not protecting the permissions. I also reported this bug to Google. Google reported the bug to Messenger and I reported it on Facebook. ‘
Facebook then paid him १२ 3,125 for the bug. He also discovered a bug in Facebook’s Watch Together feature.
Although he was interested in IT, he never thought of taking it as a career. He decided to pursue a Bachelor’s degree in Physics and Electronics and Communication Engineering.
But as he began to detect bugs, many suggested that he read about cybersecurity. He is still in a dilemma as to what to study for a bachelor’s degree.