|Photo by: Creative Commons Zero - CC0 via Max Pixel|
A security breach in voice over IP service and instant messaging WhatsApp has recently been discovered by an Israeli teen and Facebook awarded him for such discovery.
The 17-year old Israeli high schooler Yuval Sprintz chanced upon the security breach when working on a software tool that merges two groups of WhatsApp. As he was preparing the tool, he had to delve deeper into the application’s code where he discovered the security breach. He said that the breach allows a user to add fake phone numbers to a group in the App. However, these fake numbers do not at all represent genuine accounts.
According to Sprintz, who is currently studying a degree in computer science at Haifa University, the breach functions not just by its ability to add more fake users, but it may also cause app crashing in smartphones.
The Israeli teen from Tzurit community in northern Israel said: “I played around with some functions and tried doing something cool with them.” As he exploited the breach, he contacted Facebook, the developer of the app. He used the social media platform’s Bug Bounty program, a deal commonly offered by software and website developers to award individuals for reporting bugs.
Facebook commented that they were grateful that the matter was informed to them. “We quickly fixed the breach and awarded the researcher with a prize.”