Indian techie discovers Uber bug, bags Rs 4.6 lakh reward

The bug was an account-takeover-vulnerability on Uber that allowed attackers to take over any other user's Uber account, including those of partners and Uber Eats users.

Published: 16th September 2019 07:53 PM  |   Last Updated: 16th September 2019 07:53 PM   |  A+A-

Uber, taxi

Image used for representational purpose only. (File | Reuters)

By IANS

NEW DELHI: Ride-hailing giant Uber that recently fixed a hacking bug found by Bengaluru-based cybersecurity researcher Anand Prakash which allowed hackers to log into anyone's Uber account, and paid him $6,500 (nearly Rs 4.6 lakh) as reward.

The bug was an account-takeover-vulnerability on Uber that allowed attackers to take over any other user's Uber account, including those of partners and Uber Eats users, inc42 reported.

As per media report, the bug was present in the API request function of the Uber app.

ALSO READ | Manipur man detects WhatsApp bug, enters Facebook 'Hall of Fame'

According to Uber, the bug was immediately fixed through the company's bug bounty programme. It also said that over $2 million was paid to more than 600 researchers around the world, including Indian researchers.

Prakash had earlier removed a bug in Uber, by taking advantage of which anyone could travel for free for a lifetime in an Uber cab.

He started his career as a security engineer in Flipkart in 2014.

In 2016, he founded AppSecure, a cyber security startup.

Prakash has been featured in the Forbes' "30 under 30 Asia" list.

In 2015, Facebook awarded him $15,000 as bounty for logging in without an account.

A graduate in computer science from Vellore Institute of Technology, Chennai, he also received $5,000 from Uber for booking a free ride and $4,700 from Tinder.

Prakash has worked with the Bengaluru-based foodtech startup Freshmenu to make their platform secure.

He has also participated in bug bounties for GitHub, Nokia, Soundcloud, Dropbox and PayPal in the past.

 

Stay up to date on all the latest Nation news with The New Indian Express App. Download now
(Get the news that matters from New Indian Express on WhatsApp. Click this link and hit 'Click to Subscribe'. Follow the instructions after that.)

Comments

Disclaimer : We respect your thoughts and views! But we need to be judicious while moderating your comments. All the comments will be moderated by the newindianexpress.com editorial. Abstain from posting comments that are obscene, defamatory or inflammatory, and do not indulge in personal attacks. Try to avoid outside hyperlinks inside the comment. Help us delete comments that do not follow these guidelines.

The views expressed in comments published on newindianexpress.com are those of the comment writers alone. They do not represent the views or opinions of newindianexpress.com or its staff, nor do they represent the views or opinions of The New Indian Express Group, or any entity of, or affiliated with, The New Indian Express Group. newindianexpress.com reserves the right to take any or all comments down at any time.

flipboard facebook twitter whatsapp