The Real McCoy: Russian Hacker Helps Protect Facebook From External Threats

© REUTERS / Dado RuvicA man is silhouetted against a video screen with a Facebook logo as he poses with a smartphone in this photo illustration taken in Zenica.
A man is silhouetted against a video screen with a Facebook logo as he poses with a smartphone in this photo illustration taken in Zenica. - Sputnik International
Subscribe
While US intelligence agencies continue to chase the phantoms of Russian hackers allegedly responsible for manipulating elections and generally being nasty people, real Russian IT experts help make the Internet a safer place and receive rewards and recognition for their efforts.

Dark web - Sputnik International
Russian Hacker Scare Haunting Europe
Russian IT security expert Andrey Leonov was paid a record fee by Facebook after he helped the social network to expose and resolve a potentially harmful vulnerability.

The grateful social network's management paid Leonov $40,000 for services rendered, as part of the Facebook bug bounty program.

The exploit in ImageMagick, a package commonly used by web services to process images, was discovered by Leonov in October 2016 while he was working on an unrelated project and decided to investigate Facebook's content sharing mechanism for potential flaws like Server-Side Request Forgery (SSRF).

It should be noted that the vulnerability in question, known to the netizens as ImageTragick, allows an attacker to potentially execute arbitrary code on servers that use the application to edit user-uploaded images. It was originally discovered in April 2016 and disclosed to the public the following month.

However, for some reason Facebook was apparently unable to address the issue until Leonov reported it on October 16; the flaw was patched in about three days after his tip.

Newsfeed
0
To participate in the discussion
log in or register
loader
Chats
Заголовок открываемого материала