Can this hacker really delete Mark Zuckerberg’s Facebook account?
A Taiwanese bug bounty-hunter claimed this week that he would delete Mark Zuckerberg’s personal Facebook account and promised to stream the attack live on Facebook.
Now, in an unexpected twist, he’s backpedaling on his promise to livestream the deletion of Zuckerberg’s account — but not on the claim that he found a severe vulnerability within Facebook.
The scandal first broke when Bloomberg reported on a scheduled Facebook Event created by the 23-year-old Taiwanese hacker Chang Chi-yuan in which the hacker described “live-streaming the deletion of [Facebook] founder Zuck’s account.”
But in the ensuing hours since the story was picked up by Bloomberg and other major news outlets, Chang wrote another long, somewhat rambling Facebook post backpedaling on his promise to publicly demonstrate that he could, in fact, delete Mark Zuckerberg’s Facebook account.
In the new post, Chang said he didn’t expect for his event, which was sent to more than 27,000 people, to go viral. He said the event was really only meant for people in Taiwan. However, he reaffirmed that he did discover a method that would have a allowed him to delete Zuckerberg’s account. He posted screenshots of his bug submission to Facebook.
Chang Chi-yuan’s claims were originally met with intrigue, especially since he’s not just some random person boasting on the internet with nothing to back it up. At 23 years old, Chang Chi-yuan has developed a name for himself within hacking communities as a bug bounty-hunter, or in other words someone who finds bugs in software and services, and responsibly discloses them to the company that owns them. In return, the companies usually provides some sort of monetary reward with variables dependent on each company.
Chang has been a guest on local television talk shows to discuss his hacking claims. He has been sued by a local bus operator for hacking their systems to purchase a ticket for 3 cents. The makers of the messaging app Line have named Chang Chi-yuan in their hall of fame for its 2016 Line Security Bug Bounty Program and listed him as a “special contributor” on their website.
Even Facebook itself has listed Chang Chi-yuan’s name on its white hat thank you page, claiming “on behalf of over a billion users, we would like to thank the following people for making a responsible disclosure to us” before going on to name Chang on its 2016 “thank you” list.
Mashable has reached out to Facebook regarding Chang Chi-yuan’s exploit claims, and we’ll update this post when we hear back.