Recently Anand Prakash from Bengaluru got $13,500 from Uber for discovering a glitch in Uber’s payment system by which one could get unlimited free rides. The bug has already been fixed by Uber app developers. Here is the complete story.
Anand Prakash is a web application security expert from Bengaluru and he recently posted about this glitch in his blog saying anyone could have misused this method and got unlimited free rides. He found that modifying an invalid payment method on deal.uber.com through some backend modifications this hack can be done. He personally has booked cabs using Uber and tested this hack in India and United States and he was successful.
Uber’s security program awarded Anand with $13,500 for his discovery. Anand has identified several bugs in the most popular system like Facebook, PayPal, Google, Twitter, Adobe in the last couple of years. Last year Anand has received $15,000 prize from Facebook for identifying a bug in the Facebook login interface which allowed hackers to exploit more than 1.6 billion Facebook accounts.