Support The Moscow Times!

Record Payout for Russian Researcher who Exposed Facebook Security Flaw

Owen W Brown / Flickr

A Russian researcher has been awarded a record $40,000 by U.S. social media site Facebook for spotting a vital security flaw.

Online security expert Andrei Leonov found that the site was vulnerable to remote attacks launched using a bug in the image-processing software Image Magick.

The original Image Magick flaw, dubbed “Image Tragick,” was spotted and patched in May 2016, but hackers have been able to use it to attack larger sites which use the software plug-ins.

Leonov received the payout through Facebook's Bug Bounty program, which rewards computer experts who spot flaws in the site's coding. The program has paid $5 million in its 5-year existence to more than 900 researchers, the company announced in Oct. 2016.

Read more

Independent journalism isn’t dead. You can help keep it alive.

The Moscow Times’ team of journalists has been first with the big stories on the coronavirus crisis in Russia since day one. Our exclusives and on-the-ground reporting are being read and shared by many high-profile journalists.

We wouldn’t be able to produce this crucial journalism without the support of our loyal readers. Please consider making a donation to The Moscow Times to help us continue covering this historic time in the world’s largest country.