Hacker Uses Premium Rate Calls To Steal From Instagram, Google, Microsoft

Reader Orome1 writes: Some account options deployed by Instagram, Google and Microsoft can be misused to steal money from the companies by making them place phone calls to premium rate numbers, security researcher Arne Swinnen has demonstrated. Swinnen calculated that, in theory, these options would allow an attacker to milk over 2 million euro per year from Instagram, 432,000 euro per year from Google, and nearly 700,000 euro from Microsoft by using a slew of fake accounts, multiple premium numbers, and different tools and approaches to automate the process.

Click bait

[ITRambo]

The story explains how the proof of concept exploit could work. It is tedious and was not likely to be used by sane people. The guy was awarded $2000 for discovering the loophole.