Bengaluru Techie Wins $6,500 For Finding Critical Uber Bug

Bengaluru-based cybersecurity researcher, Anand Prakash, was awarded $6,500 (around Rs 4.6 lakh) by ride-hailing behemothic, Uber, every bit part of the company's bug bounty programme subsequently discovering a critical flaw in the flagship app of the San Fransisco-based house. Uber has reportedly already fixed the 'account-takeover-vulnerability' that could have potentially allowed attackers to take over any other user's Uber account, including those of partners and Uber Eats users.

The problems was present in the API request role of the Uber app and, according to the visitor, was immediately fixed on being reported. The company too said that over $two million was paid to more than 600 researchers around the world, including many in India, equally part of its bug bounty program over the years. Another Indian researcher, Chennai-based Laxman Muthiyah, had recently won $30,000 as a role of Facebook'south problems bounty program after spotting a flaw in the company's pop photo-sharing platform, Instagram.

Prakash, who started his career every bit a security engineer in Flipkart in 2014, had earlier discovered another issues in Uber, which reportedly allowed anyone to travel for free for a lifetime in an Uber cab. In 2016, he founded AppSecure, a cyber security startup, and has been featured in the Forbes' "xxx under xxx Asia" listing. He had earlier earned $15,000 as bounty for discovering a Facebook vulnerability that allowed potential hackers to login without an account.

A graduate in information science from Vellore Institute of Technology, Chennai, he had earlier received $v,000 from Uber for booking a gratuitous ride and $4,700 from Tinder. He has likewise worked with the Bengaluru-based foodtech startup, Freshmenu, to make the platform more secure. He has also participated in bug bounties for GitHub, Nokia, Soundcloud, Dropbox and PayPal in the past.

With inputs from IANS