Thanks to hacker Anand Prakash, ride-hailing service Uber can breathe a sigh of relief.
Prakash, a ethical hacker from Bengaluru recently revealed a bug in Uber's payment services that could have been used for unlimited lifetime free rides anywhere in the world. This could have meant potentially big losses for Uber, reported TechCrunch.
But thanks to him, the bug has been fixed by Uber and saved it from incurring huge losses, had someone misused it. Impressed with his finding, Uber has rewarded Prakash $5,000 (around Rs 3.3 lakh).
In a blog post, Prakash revealed how anyone could have used the loophole within the Uber app to gain free rides for life.
He also uploaded a video on YouTube to explain how he managed to discover the bug:
Prakash then reported the issue through Uber’s bug bounty program, which rewards hackers with cash for finding and reporting security vulnerabilities. Uber fixed the flaw the same day and paid him $5,000.
"Uber's bug bounty programme works with security researchers all over the world to fix bugs, even when they don't directly impact our users. We appreciate Anand's ongoing contributions and were happy to reward him for an excellent report," an Uber spokesperson told TechCrunch.
Well, this is not the first time that Anand has impressed everyone with his bug-finding talent.
A very simple Facebook account takeover bug reward $15k reported by me https://t.co/2kj43eiNCf— Anand Prakash (@sehacure) March 7, 2016
He is presently one of the top hackers with Facebook’s White Hat bug finding programme and was the one to find the security flaw with Facebook last year. He was awarded $15,000 (around Rs 10 lakh) by Facebook for reporting the vulnerability through which one can take over anyone’s Facebook account and change the password.
Twitterati congratulated the techie:
This Anand Prakash is one smart kid! Hacker Finds A Bug That Can Get You Free Rides With Uber For A Lifetime! https://t.co/tZn2yFWK7l— G (@gunjangovani) March 5, 2017
@nextbigwhat it takes guts to accept rather cover up and great way to reward...— Iamhariprasad (@harry_1179) March 5, 2017