Like many companies, Vine runs a program that pays users for reporting bugs. A user by the name of “avicoder” was looking into Vine for this reason when he discovered a major bug. Using a number of methods, avicoder found a way to download Vine’s entire source code and its API keys. Luckily, he reported the issue to the company and was compensated nearly $11,000 for this information.
Key Takeaways:
- Bug bounties involve companies paying hackers to find vulnerabilities in the company’s systems.
- Twitter, like many other companies, has a bug bounty program that pays fairly well and quickly for anyone who reports a vulnerability.
- A bug bounty program allows for crowd-sourced security analysis and also deters hackers from maliciously exploiting the vulnerability.
“Encouraged by Twitter’s bug bounty program, a researcher going by the handle “avicoder” has been looking into Twitter- and Vine-related vulnerabilities for quite some time.”