Support The Moscow Times!

Record Payout for Russian Researcher who Exposed Facebook Security Flaw

Owen W Brown / Flickr

A Russian researcher has been awarded a record $40,000 by U.S. social media site Facebook for spotting a vital security flaw.

Online security expert Andrei Leonov found that the site was vulnerable to remote attacks launched using a bug in the image-processing software Image Magick.

The original Image Magick flaw, dubbed “Image Tragick,” was spotted and patched in May 2016, but hackers have been able to use it to attack larger sites which use the software plug-ins.

Leonov received the payout through Facebook's Bug Bounty program, which rewards computer experts who spot flaws in the site's coding. The program has paid $5 million in its 5-year existence to more than 900 researchers, the company announced in Oct. 2016.

Read more

Independent journalism isn’t dead. You can help keep it alive.

As the only remaining independent, English-language news source reporting from Russia, The Moscow Times plays a critical role in connecting Russia to the world.

Editorial decisions are made entirely by journalists in our newsroom, who adhere to the highest ethical standards. We fearlessly cover issues that are often considered off-limits or taboo in Russia, from domestic violence and LGBT issues to the climate crisis and a secretive nuclear blast that exposed unknowing doctors to radiation.

Please consider making a one-time donation — or better still a recurring donation — to The Moscow Times to help us continue producing vital, high-quality journalism about the world's largest country.