Facebook has launched a new bug bounty program inviting hackers to identify and report vulnerabilities in its website and applications.
The company will only consider reports that can lead to a complete compromise of someone else’s account (this also applies to leaks of access tokens, and interception of current user sessions).
The bounty price has been divided into two parts i.e. $25,000 to the hacker for reporting vulnerability requiring minimum user interaction and $40,000 for vulnerability involving no user interaction.
“By increasing the award for account takeover vulnerabilities and decreasing the technical overhead necessary to be eligible for bug bounty, we hope to encourage an even larger number of high-quality submissions from our existing and new white hat researchers to help us secure over 2 billion users,” said Facebook.
The announcement came after recent incidents involving hackers stealing personal data of 30 million Facebook user by exploiting a vulnerability in its “View As” feature and the Cambridge Analytica scandal.
Moreover, just a few days ago a critical vulnerability in Instagram’s “download your data tool” exposed users’ passwords to public view. In October this year, it was reported that a number of Instagram influencers became victims of growing hacking spree urging the company to update its bug bounty program to protect its users from malicious attacks.
If you are a hacker or an IT security researcher here is your chance to make some big money. If you think you have already found serious flaws then simply report it to Facebook by filling this Report Vulnerability Form.