Pakistani IT researcher Kamran Mohsin has wons $15,000 for finding severe security flaws in inDriver mobile app.
inDriver has become quite popular in Pakistan in the past few months. It is an online cab service. The inDriver app is popular for their unique concept of letting the customer choose the fare.
Kmaran said that, looking at its popularity he decided to see if the app was safe enough.
Kamran had found multiple critical vulnerabilities (loopholes) in the mobile app. He was able to successfully take control of user accounts.
He was able to hack into any user account, steal their sensitive data and/or book rides, view ride history, ride as a passenger or hack into the driver account and take passengers on ride in fact anything which an ordinary user is able to do.
After he found these breaches, he reached out to the officials of inDriver, which is a Russian Company. The company has now improved the security of the app.
In recognition of his great bfeat, the company has given Kamran a huge bounty of 15,000 USD. This is the maximum bounty that a Pakistani researcher has received till date.
About Kamran Mohsin:
Kamran Mohsin is a passionate information security researcher, currently working as Expert Information Security in Jazz – Pakistan Mobile Communications Limited.
He holds a Master degree in Information Security. His core security interest lies in web, mobile and system exploitation. He is
In free time he used to learn new technologies and write information security blogs. Apart from that he enjoys finding security weaknesses in notable applications.
He has been already acknowledged by huge tech giants, some of them includes Microsoft, Kaspersky, Fortinet, Realtek, Nayatel, Careem, inDriver and multiple more for his efforts in making their users more secure.
Bashir Ahmad is a medical student working as a freelance writer, graphic designer and social media manager for Pakscience, Scientia Pakistan and many other platforms. Tap on the social media links below to connect with him.