'I Hacked Facebook -- and Found Someone Had Beaten Me To It'

An anonymous reader shares an article on The Register: A bug bounty hunter compromises a Facebook staff server through a sloppy file-sharing webapp -- and finds someone's already beaten him to it by backdooring the machine. The pseudo-anonymous penetration tester Orange Tsai, who works for Taiwan-based outfit Devcore, banked $10,000 from Facebook in February for successfully drilling into the vulnerable system. According to Tsai, he or she stumbled across malware installed by someone else that was stealing usernames and passwords of FB employees who logged into the machine. The login credentials were siphoned off to an outside computer. According to Facebook security engineer Reginaldo Silva, the password-slurping malware was installed by another security researcher who had earlier poked around within Facebook's system in an attempt to snag a bug bounty.

Re:"Security Researcher"? Really?

[Frosty+Piss]

Don't call him hacker either after all "hacker" is a positive term...

You know as well as I do that is "politically correct" garbage. Good or bad, a hacker is a hacker, and "cracker" is a made-up term. Now, if you want to assign hat color (white, black), feel free. But please do give me this crap that a "black hat" hacker is not a hacker but rather something else because you want to reserve the Hip And Trendy term hacker for yourself... Seriously. That's bullshit.