Sign up to our newsletter
Facebook has announced that it paid out $1.3 million last year to ‘white hat’ hackers, as part of a bounty initiative that rewards developers for spotting flaws in the social network.
The Next Web reports that Facebook paid 321 researchers worldwide in 2014, offering an average reward of $1,788. The total sum is down slightly from the $1.5 million paid out last year, but the company says the number of reports has risen by 16% to more than 17,000.
Facebook’s bug bounty program was started in 2011 and has since awarded more than $3 million, helping to maintain a social network used by 1.39 billion people.
Among the bugs submitted were flaws that could have allowed hackers to view users’ private messages, post to their timelines and upload content to Facebook and Instagram’s servers, reports Sky News.
Collin Greene, a security engineer at Facebook, said the company was surprised every year by what it learns from the security community, adding that it has already received more than 100 valid reports this year.
“We’re excited to see what 2015 holds for the bug bounty program,” wrote Greene on the company blog. “Report volume is at its highest levels, and researchers are finding better bugs than ever before.”
Earlier this month, Facebook fixed an exploit that would have allowed hackers to remotely delete any photo they wanted from the social network. As reported by We Live Security, the researcher Laxman Muthiyah was awarded a $12,500 bounty for finding the flaw.
Facebook provides a Bounty Hunter’s Guide to help its researchers, offering tips and advice on how to write a great submission.
Author Kyle Ellison, ESET