'I Hacked Facebook -- and Found Someone Had Beaten Me To It'

An anonymous reader shares an article on The Register: A bug bounty hunter compromises a Facebook staff server through a sloppy file-sharing webapp -- and finds someone's already beaten him to it by backdooring the machine. The pseudo-anonymous penetration tester Orange Tsai, who works for Taiwan-based outfit Devcore, banked $10,000 from Facebook in February for successfully drilling into the vulnerable system. According to Tsai, he or she stumbled across malware installed by someone else that was stealing usernames and passwords of FB employees who logged into the machine. The login credentials were siphoned off to an outside computer. According to Facebook security engineer Reginaldo Silva, the password-slurping malware was installed by another security researcher who had earlier poked around within Facebook's system in an attempt to snag a bug bounty.

cat tongues are like sandpaper

[rmdingler]

If the universe is indeed a clever simulation, are you now discovering a hack with a hack in a universe that's been hacked and hacked until it resembles an infinity mirror?

Re: Makes sense

Ip address? Just so I can verify your story is true...