Researcher nets major reward for finding Facebook bug able to unlock the gates to its internal systems
Posted by:
John Harrison
A significant security vulnerability in Facebook’s ad platform was successfully identified and resolved by Meta, resulting in cybersecurity researcher Ben Sadeghipour receiving a bug bounty of $100,000 for his discovery in October 2024. The flaw allowed Sadeghipour to execute commands on Facebook’s internal server, gaining control over it. The vulnerability was linked to a server utilized by Facebook for ad creation and delivery, which had a known flaw related to the Chrome browser. Sadeghipour was able to exploit the vulnerability using a headless Chrome browser, highlighting the potential risks associated with online advertising platforms. Despite the breach, Meta swiftly addressed the issue within an hour of being informed, emphasizing the importance of ongoing security research and bug bounty programs in the tech industry. The incident underscores the increasing rewards being offered to security researchers to enhance cybersecurity measures.
Recent Posts1
