October 26, 2021, Kathmandu
A young Nepalese man discovered a security flaw in Facebook.
Rabin Bhattarai, a young man from Tanahun, Nepal, discovered security flaws on Facebook. Bhattarai was successful in detecting a Facebook “voice confusion” bug.
A second-year civil engineering student discovered this bug while bug hunting about a month ago. When a person shared their page in any group, Facebook showed that it was shared by the page itself rather than the person. Facebook was “enacting as a profile” while sharing the page, which meant it appeared as a personal profile.
When it was later checked to see if the page was shared in a group, it was discovered that it was shared by the page itself rather than from the personal profile.
As a result, even if the user shared it with their voice, the page itself shared it.
On September 19, he reported to Facebook, “Due to this bug, users received the incorrect indication and also affected the management of the page as its confidential details were published.”
On October 21, Facebook approved his bug, and the company rewarded him with a $1000 bounty, or approximately one lakh 19 thousand Nepalese rupees.
In addition, his name was mentioned in Facebook’s “Hall of Fame.”
Bhattarai came in 114th place in Facebook’s “Hall of Fame.”
