Kulgam’s Tech prodigy enters Apple’s ‘Hall Of Fame’ for uncovering critical data vulnerability
Umaisar Gull Ganie
Kulgam, Oct 02 (KNO): In a remarkable achievement in the world of ethical hacking, a 21-year-old cybersecurity researcher from South Kashmir’s Kulgam district has earned a coveted spot in Apple’s renowned ‘Hall of Fame’ due to his exceptional skills.
Muneeb Amin Bhat, a resident of Zungalpora, has received recognition from Apple, the renowned American multinational technology company, for his pivotal role in identifying a critical vulnerability within their systems that had the potential to result in a substantial iCloud data breach.
Talking to the news agency—Kashmir News Observer (KNO), Muneeb disclosed that the vulnerability he discovered exposed sensitive iCloud data, including personal photos, videos, PDF files, and the usernames and email addresses of iCloud users.
Initially, Muneeb stumbled upon data from approximately 50,000 users.
However, further investigation revealed that this vulnerability posed a risk to a much larger user base.
“This issue wasn’t confined to just those initial 50,000 users; it posed a risk to almost all users, with new user data being compromised daily. I promptly reported this to Apple three months ago, and they acknowledged my findings,” Muneeb explained.
Collaborating closely with Apple, Muneeb delved into the complexity of the vulnerability, examining its potential for exploitation and replication. Following rigorous analysis and testing, Apple released a crucial service update to rectify the issue.
“After confirming the successful implementation of the fix, Apple has now recognized my contributions by featuring me in their Hall of Fame on their official website, acknowledging my role as a security researcher. They have also mentioned the possibility of a bounty, which is currently under review by their team,” Muneeb said.
In their effort to appreciate those who have played a part in bolstering their security systems in August 2023, Apple published a dedicated page on their official website on September 7, 2023, listing Muneeb and several others from around the world.
This page, titled ‘Apple Web Server Security Acknowledgments,’ serves as a testament to their commitment to cybersecurity.
Over the years, Muneeb has earned a reputation as a dedicated bug bounty hunter, ethically uncovering vulnerabilities in numerous companies, including industry giants such as Apple, Oracle, Intel, McDonald’s, and USA Bank.
Although initially pursuing a B.Tech degree at SSM College, Muneeb made the bold decision to follow his passion for cybersecurity and subsequently enrolled in BCA through IGNOU. He now has his sights set on the OSCF exam, a highly respected certification in the cybersecurity field.
Muneeb stressed the importance of responsible disclosure of security vulnerabilities, a hallmark of ethical hacking.
“When I identify these flaws, I promptly report them to the affected organizations, assisting them in securing their systems. In return, I have received numerous Hall of Fame mentions, bounties worth lakhs, and other rewards,” he said.
Furthermore, Muneeb has been actively involved in identifying vulnerabilities in several websites of leading institutions in Kashmir and notifying them through various channels. He expressed concern that the lack of response from these companies (institutions) could make them targets for hackers, emphasizing the need for greater cybersecurity awareness in the valley.
Muneeb, an ethical hacker and cybersecurity researcher, firmly distinguishes between two types of hackers: ethical and unethical. He passionately advocates for the role of ethical hackers in improving cybersecurity while condemning the actions of unethical hackers that tarnish the profession.
“This fascination with cybersecurity began when I was just in the fourth grade, and over the years, it has evolved into my true passion. I have been fortunate to achieve significant success in this field,” Muneeb stated, highlighting the vast opportunities that cyber security presents in today’s digital era—(KNO)