Hackers raise over $12,000 for man who broke into Mark Zuckerberg’s Facebook page

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Mark ZuckerbergFacebook may have refused to pay researcher Khalil Shreateh a bug bounty after he posted a message on Mark Zuckerberg’s Facebook page, but that doesn’t mean he’s going to go away empty-handed.

Shreateh posted the message on Zuckerberg’s Facebook page, exploiting the vulnerability he had discovered, after he become frustrated by the poor response from the social network’s security team. Irritated by their claim that he wasn’t reporting a bug, he effectively “went to the top” in order to get their undivided attention.

Shreateh lost the chance of receiving $500 or more from Facebook by breaking their guidelines for responsible investigation and disclosure of flaws on the site, much to the annoyance of many fellow security researchers and hackers online.

Well, if you were one of them, don’t despair. A fundraising campaign started by researcher Marc Maiffret has already raised over $12,000 for Shreateh.

Sign up to our free newsletter.
Security news, advice, and tips.

Fundraising for Khalil Shreateh has raised over $12,000

Shreateh may have been unwise to have posted messages onto the Facebook pages of Zuckerberg and his college friend Sarah Goodin without permission, but it doesn’t look as though he’s going to miss out financially because of it.

If you are on Facebook, and want to be kept updated with news about security and privacy risks, and tips on how to protect yourself online, join the Graham Cluley Security News Facebook page.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

3 comments on “Hackers raise over $12,000 for man who broke into Mark Zuckerberg’s Facebook page”

  1. Joey Lee

    A positive outcome, but I still think Emrakul (Facebook Security) should have all his cases reviewed.

  2. cypherpunk

    Why didn't Zuckerberg gave Khalil the bounty? Because Khalil is Palestinian ?

    1. Cody · in reply to cypherpunk

      (Born in the US) Probably yes, that is the reason. I would like to believe not but it's fairly obvious to most the world that there is that issue (more often than not). It is sad indeed but it seems so many Americans just do not know.

      But I guess if nothing else it is once again shown that Mark only claims to take security seriously but unfortunately does not in reality take it so (how many times has this happened? This being his account being breached. More than once, any way). And while it might not change much for facebook users the truth is them ignoring the "non-bug" is a reason why exploits are written and that is good because it forces the vendor to fix it (instead of ignoring the information given originally) which will be discovered eventually and maybe by someone who wants to cause harm.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.