Categories: Ad Guardian Plus

Facebook decided to pay hackers

Facebook decided to pay hackers in the expansion of its bug bounty program. This is a way to enhance the security of third-party apps and websites that integrate with its platform, as Facebook users’ data that had been misused was exposed mainly as the result of a vulnerability or security weakness in third-party apps or services.

Last year, Facebook launched “Data Abuse Bounty program, which rewards anyone reporting valid events of third-party apps collecting Facebook users’ data and passing it off to malicious parties, violating Facebook’s improved data policies.

Very few of the millions of third-party apps in the Facebook ecosystem have a vulnerability disclosure program or offer bug bounty rewards to white-hat hackers for responsibly reporting bugs in their codebase.

Facebook’s security programs for third-party apps and used to be limited to “passively observing the vulnerabilities,” as there was a communication gap between researchers and the affected app developers.

Facebook expanded its bug bounty program for third-party apps, last year, but this was still limited to valid report submissions for the exposure of Facebook users’ access tokens that allow people to log into another app using the platform.

Now, Facebook has decided to pay white-hat researchers even if app developers don’t have their own bounty program. “Although these bugs aren’t related to our own code, we want researchers to have a clear channel to report these issues if they could lead to our users’ data potentially being misused,” Facebook announced recently.

“We hope to encourage the security community to engage with more app developers.”

It means that app developers can take advantage of this program by setting up their own vulnerability disclosure policy, which would then help researchers to be eligible for finding bugs in their code and claim rewards from Facebook.

A report of a vulnerability in third-party apps submitted to Facebook will only be considered valid when researchers include proof of authorization granted by the third-party developer when submitting their reports. If the third-party developers already have their own bug bounty program, researchers can claim rewards from both parties.

The minimum reward from Facebook will be of $500, and it will depend upon the potential impact and severity of the reported vulnerability.

Laurentiu Titei

Recent Posts

EasyCAP Driver Download for Windows 11 and 10

EasyCAP software, a USB device, became immensely popular over the past decade. You can use…

9 hours ago

How to Convert HEIC to JPG on Windows

HEIC is a popular image format. However, many times, you may need to convert HEIC…

1 day ago

Best Free Disk Cleaner Software to Free Up Space in Windows 11/10

Do you miss how fast your computer performed when you first unboxed it? What happened…

1 day ago

Best Free Cache Cleaner Software for Windows 10 and 11 PC

Do you remember how fast your computer was when it was new? It could complete…

4 days ago

Best Methods to Duplicate Word Documents in 2025

Many users duplicate Word documents to secure a backup, avoid overwrites or accidental deletions in…

4 days ago

What Is Windows Update and How to Block it with Windows Update Blocker

Computer systems are unpredictable. No one can predict how they behave after an update. .…

5 days ago