A Facebook security vulnerability, which could have been exploited to activate a user's webcam and record them without their knowledge, was closed off this summer, it has been revealed.
Facebook paid Indian research firm XY Security a $2,500 (UK£1,546, AUD$2,409) "bounty" in July for discovering the issue and drawing the bug to its attention, the social network has confirmed.
The flaw, which Facebook said had never exploited by a potential 'Peeping Tom', could, conceivably have troubled users who had already agreed to give Facebook permission to access the camera.
Beyond that the user would have to be 'tricked' into visiting a malicious page, then agree to activate the camera - allowing the spy/pervert to begin recording.
Five times the going rate
Facebook must have felt the threat was serious at it paid five times its usual rate to the two researchers who reported the flaw.
"This vulnerability, like many others we provide a bounty for, was only theoretical, and we have seen no evidence that it has been exploited in the wild," Facebook spokesperson Josh Wolens told Bloomberg.
"Essentially, several things would need to go wrong - a user would need to be tricked into visiting a malicious page and clicking to activate their camera, and then after some time period, tricked into clicking again to stop/publish the video."
Facebook is one of many Silicon Valley heavyweights (other notables being Google and Mozilla) who offer 'bug bounties', paying out millions to researchers who spot flaws and potential dangers.
Our favorite ultrawide OLED monitor just got a massive discount for the Amazon Spring Sale - get it now before it nearly doubles in price!
Netflix's #2 most-watched show is the new madcap whodunnit The Residence –here are 3 more mysteries to stream next
Devious new Android malware uses a Microsoft tool to avoid being spotted
