- Meta launches WhatsApp Analysis Proxy to help bug bounty investigations into WhatsApp protocols
- Specialised analysis pilot expands to incorporate abuse points with engineering assist and tooling
- In 2025, Meta validated ~800 reviews, paying $4M for important bug fixes
Meta has launched new instruments to assist cybersecurity researchers discover bugs in WhatsApp.
In a brand new weblog submit discussing the success of its Bug Bounty program during the last 15 years, Meta mentioned the researchers requested for a product that may assist them examine WhatsApp-specific applied sciences higher, and in response, it constructed WhatsApp Analysis Proxy.
Describing it as a “software that makes analysis into WhatsApp’s community protocol more practical”, Meta mentioned it will likely be out there to “a few of our long-time bug bounty researchers”, who is not going to solely use the software, however present suggestions to assist enhance it. Extra researchers can be invited to check the software as time goes by, Meta added, and confused that the aim is to launch the software publicly sooner or later. No precise dates have been talked about, although.
Increasing bug bounty applications
Meta additionally introduced it could be increasing its specialised analysis pilot. Earlier this 12 months, the corporate launched a pilot to assist speed up collaboration specifically areas – however simply with researchers with confirmed credentials.
Now, Meta is seeking to increase this partnership by incentivizing analysis “past conventional safety vulnerabilities”.
As a part of this enlargement, Meta is now inviting analysis groups to deal with abuse points with devoted inner engineering assist and tooling, all with the aim of reducing the barrier of entry for lecturers and different searchers who won’t be as aware of bug bounty applications.
The corporate that owns Fb, Instagram, WhatsApp, and some different platforms, mentioned it obtained round 13,000 submissions to its bug bounty program in 2025. It validated nearly 800 reviews, for which it made cumulative funds of greater than $4 million.
Among the worst bugs that have been fastened via this system embody a way that allowed mass WhatsApp account enumeration, an incomplete validation situation, and completely different arbitrary code execution bugs.
Through The Hacker Information
The most effective antivirus for all budgets
Comply with TechRadar on Google Information and add us as a most well-liked supply to get our skilled information, opinions, and opinion in your feeds. Be certain to click on the Comply with button!
And naturally it’s also possible to observe TechRadar on TikTok for information, opinions, unboxings in video type, and get common updates from us on WhatsApp too.
