Attend FREE Webinar on Digital Marketing for Career & Business Growth Register Now

India Ranks First In Facebook Bug Bounty Programme

Rate this post

There were more than 1.49 billion monthly active users on Facebook till 2015. It is obvious that social networking sites have changed the way we interact with our friends and family. There are millions and millions of users who are connected to their associates via online tools. Though sites like Google+, Facebook, YouTube, Twitter, and Instagram have a high significance in our lives but the question is still there… Are they secure enough to protect us from any impending threat?



Here are few security threats that you should know

  1. Identity being stolen

There are many thieves out there, who gather your personal information from social networking sites and can get your identity. Once they steal and hack your account, they have access to all your information, personal as well as professional.

  1. Social profile being hacked

By injecting virus to your Pc, hacking your account, obstructing your bank account information are some of the things hackers love to do.

  1. Stalkers Alert

Using social networking sites means posting personal information and once that’s online, it is no longer private. By which, it means that they can fall into wrong hands. The more you post, the higher probability of it falling in wrong hands.

  1. Informing burglars where are you

By telling the world that you are having fun in Miami, will only give burglars a chance to sneak into your house. By your check-ins, you will get to know where you are and for how long you have gone and when you will be back. Doesn’t sound cool, right?

Social networks are meant to connect you and have a positivity around you but these threats can make your life miserable.

For this, Facebook initiated Bug Bounty Programme. A programme that was meant for hunting bugs on social networking sites. A bug is a defect or an error in hardware or software which causes a programme to malfunction. It occurs due to conflicts in software when apps try to run simultaneously. Bugs do cause the software to produce unexpected results or completely crash, certain bugs can be used to gain unauthorised access to systems.



Facebook launched its bug bounty programme in 2011 and ever since then, they have received more than 2400 valid submissions. They have also awarded more than 4.3 million US Dollar to over 800 researchers worldwide. This initiative by Facebook seeks help from people worldwide with a promise of awarding them. Under this programme, researchers get rewards for identifying vulnerabilities in services by Facebook, reporting security bugs or issues with its infrastructure that can cause privacy risks. By the year 2015, the blue themed social networking site has received a total of 13,233 submissions from 5,543 people from across 127 countries. They have also paid USD 9,36,000 to 210 researchers who submitted a total of 526 valid reports. On an average, they have paid USD 1,780. The highest number of payouts have been from the countries like India, Tobago, Trinidad, and Egypt.

In 2016, Facebook again initiated Bug Bounty programme in which 127 countries participated and India has topped it. India is not only the country with the highest number of participating security researchers i.e., 205 but is also the country with the most paid bounties, amounting to Rs 48.4 million till now. These figures have been calculated ever since 2011 when Facebook launched its Bug Bounty programme. This programme invites white hat hackers to identify and report security vulnerabilities in Facebook. Earlier limited to Facebook, it has been spread to other Facebook-owned domains like Free Basics, Instagram, Onavo, and Oculus.

The basis on which Facebook decides to reward its participants are

  • Risk of a bug
  • Complexity of a bug
  • Cleverness of a bug

Adam Rudderman, technical manager at Facebook’s Bug Bounty programme points out on focusing on high-impact areas and submitting a good quality report.

“Facebook receives more and more high-impact hugs from India each year, reflecting the growing sophistication and technical capabilities of the country’s engineering schools and cyber security programmes”

For example, those bugs are most important that impact end users along with factors like technical skills required for an attack, the difficulty of exploiting the vulnerability, and the bug that violated the intended use of the product.

Based on the reports received from India, here’s what Adam Rudderman has to say

“India is home to the largest population of security researchers (205) participating in the Facebook bug bounty programme since its inception in 2011. The country also holds the top spot for most bounties paid (Rs 48.4 million)”

In February 2016, Anand Prakash, a 22-year-old Indian security researcher was awarded $15,000 by Facebook for spotting a bug that let him hack any user’s account.

According to a recent post submitted by the bug bounty team, it is seen that in the year 2015, 38% more high impact bugs were recorded than the previous year and an amount of Rs 6.23 crore was paid to the bug finders in the last year.

However, there is some contradiction in here. Although India has stopped the list of bug bounty programme, Indian cyberspace is under the attack radar constantly. As per the recent reports, a Pakistani application was taken down from the Google play store for spying on the Indian Army. There were also incidents when Pakistani hacker attacked Indian Railway website, and AIIMS, Raipur.

Have you ever encountered a threat to privacy on social networking sites? Share with us your experience…

Sakshi is a content marketer during the day and a reader by night. She writes content sprinkled with a twisted imagination. She has done her graduation in psychology from Delhi University and has an insane love for history.

  • social-media-training

  • Your Comment

    Your email address will not be published.