FACEBOOK BUG : LET SECURITY RESEARCHER DELETE ANYONE’S PHOTOS
White hat hacker Muthiya & security researcher had just recently discovered a serious bug on facebook that can allow a malicious user to delete anyone's public photos with just few lines of codes. Muthiyah was able to trick the social media into believing that he owned the photos, allowing him to delete entire albums at a time using Facebook’s Graph API. Good thing is, Muthiyah reported the bug to facebook. And After 2 hours, the bug was fixed. As part of the company’s bug bounty program, Facebook paid Muthiyah $12,500.
Muthiyah could have caused Facebook a lot of headache by deleting public photos left and right which is called the Lizard Squad-style attack. But good thing is, Muthiyah decided to do the right thing and report the bug to Facebook in the end.