After saving Facebook from a significant vulnerability, a security researcher receives a $100,000 reward
Ben Sadeghipour identified a critical vulnerability in Facebook’s advertising system that allowed him to get inside the company’s heart. A security researcher discovered the flaw while analyzing how ads work in October 2024, prompting Meta, its owner, to take immediate action.
According to TechCrunch, the problem was that one of Facebook’s computers was running an outdated version of Chrome, which allowed it to exploit a known security vulnerability. It took the company only an hour to fix the issue after receiving notification from the researcher, who worked with expert Alex Chapman.
Facebook’s advertising machine processes massive amounts of data to deliver text, video, and image ads. This complexity makes it an attractive target for security experts, who find it has many potentials for uncovering potentially dangerous flaws. In this case, the vulnerability affected the entire advertising system.
Vulnerability hunters have become key allies of big tech companies. Financial rewards incentivize these experts, also called ethical hackers, to analyze systems for vulnerabilities in order to make the internet safer.
Ben Sadeghipour warns that other advertising platforms could face similar problems. His discovery shows how important it is to keep everything in IT up to date, as a simple, outdated program can put the security of an entire company at risk.
There is an increasing need for computer security experts in today’s digital world. Their work not only protects our personal data but also secures the computer systems we use every day for essential services like online banking or social media.
The $100,000 bounty Meta gave Ben Sadeghipour illustrates just how serious the vulnerability was. The researcher decided not to mess around too much once he got into the system, but he explained that the level of access he had would have allowed him to access any part of that area of Facebook and extract information directly from connected computers.