In a boisterous turn of events, a Taiwanese hacker by the name of Chang Chi-yuan is challenging Facebook's security credentials by claiming he will delete the company's founder's account this coming Sunday.
Chang also claims to have successfully attacked Apple and Tesla. While none of these attacks have been independently corroborated, the self-proclaimed white hat hacker was also recently sued for hacking into a local bus operator's systems and has been featured on a list of special contributors for Line's bug bounty hall of fame in 2016.
Adding a great deal of irony to the mix, Chang made his challenge using Facebook itself, relaying his claims to 26,000 followers, and is planning on broadcasting the spectacle to the world on Facebook Live.
Zuckerberg's account was hacked back in 2013 in a similar episode when a security researcher, Khalil Shareath, broke into the Facebook CEO's account to make a post and prove a point. Unfortunately, despite Facebook's maintaining a bug bounty program that pays researchers for discovering these kinds of exploits, the company did not pay Shareath. Instead, a crowdfunding campaign had to raise money to make sure the researcher got his dues.
Chang, too, has talked about using his nascent hacking career as a way to make some money, but may face a similar fate as Shareath. If you'd like to join in and see whether Chang can live up to his claims before Facebook finds a way to stop him, he'll be broadcasting live on Sunday at 6 PM Taiwanese time.
Update: As his challenge gained international fame, Chang seems to have gotten cold feet and posted a new message on Facebook, which suggests that he has decided to no longer proceed with his planned deletion of Zuckerberg's account.
He has also attached a few pictures to his post as a means of proving his exploit was indeed real. They show someone from Facebook acknowledging a report submitted by him. There's also a picture of him among the list of White Hat hackers thanked by Facebook. However, the devil is in the details as the pictures do not have a timestamp, and a quick glance at the list of people thanked by Facebook shows his name is nowhere to be found on either the 2018 or the 2017 list. He's only included on the list from 2016 (in the same position as the image uploaded by him), and this may suggest that he was using an older credit from Facebook's bug bounty program to bolster his claims this time around.
Source: Chang Chi-Yuan (Facebook) via Bloomberg, The Verge | Image credit: Anthony Quintano
18 Comments - Add comment