Ilya Glebov, 17 year old Student from the Murmansk region school, received around ₹2,00,000 from Vkontakte and ICQ reward for finding the vulnerability in the social network.
Ilya found the vulnerability during the preparation for the computer science exam. He said that at first he read the news about similar vulnerability in Facebook and later decided to check it in Russian social network Vkontakte.
According to him, the vulnerability allowed to hack most accounts on the social network with the exception of accounts with two-factor authentication.
At first student reported on a vulnerability in Vkontakte through HackerOne website. Later, a similar vulnerability was discovered in ICQ (both services belong to Mail.Ru Group). After that Glebov received more money which is around ₹64,000.
According to Glebov, Vkontakte fixed the vulnerability within 24 hours.