Indian Hacker Awarded to Discover Security Flaw in Vine video sharing service of Twitter
The world has ever known and saluted the intelligence which Indians inherit from their ancestors. May it be Aryabhatt or Dr. APJ Abdul Kalam, time and again, we have proved our ability to the whole world. This time, it is an Indian hacker, who is awarded by the huge micro-blogging social site ‘Twitter’. Avinash Singh, who is a White Hat hacker, has received a total sum of $10,080 discovering a loophole in the security process of Twitter. The loophole was in the Vine video sharing service of Twitter, through which Avinash got the access of the whole cache of Vine’s online code.
He reported Twitter about the loophole in the month of March this year and awarded with the prize money through a bug bounty start-up which is termed as HackerOne.
The hacker has discovered a Docker image for Vine which was supposed to be stored in the server of Amazon Web Services. The image was supposed to be private as it depicts the vulnerabilities using censys.io. Docker is an open platform for the developers and system administrators which contain all the codes required to build and run an application.
In a post, Avinash explained that “I was able to locate the entire source code of Vine, its API keys, third party keys, and other crucial information. The image was letting me run my own local Vine replica without any parameters.”
The issue was reported to Twitter on March 31, and it was fixed as early as in 5 minutes.
The Indian-origin hackers are shining on the world platform as previously, a Bengaluru-based hacker, Anand Prakash, received a handsome prize of $15,000 (Rs. 10 lakh approx.) from Facebook for informing them about a bug which was potential of putting 1.6 billion social network users at risk.
Prakash wrote a blog post in which he clarified that on February 22, he found out about a simple vulnerability through which any hacker could hack anyone’s profile and get their credit/debit card details. Also, they could access their personal pictures and messages.
Prakash was happy on his achievement as he claims himself a “Bug Bounty Hunter”. This 22-year old boy works as a Security Engineer at Flipkart and says that he has earned a total of around Rs. 1.2 crores just by reporting bugs to Facebook, Twitter and a host of other US-based big technology companies.