Facebook has fixed a bug that allowed callers to listen to other users’ surroundings without permission before the person on the other end picked up the call. The bug was discovered by Natalie Silvanovich, a researcher part of Google’s Project Zero bug-hunting team. Facebook has added additional protections across other apps that use the same protocol for 1:1 calling. Facebook says it will match the $60,000 bounty to the researcher’s donation to GiveWell for a total of $120,000. The Project Zero researcher says she will donate the entire sum to the GiveWell Maximum Impact Fund.
Source: https://www.bleepingcomputer.com/news/security/facebook-messenger-bug-allowed-android-users-to-spy-on-each-other/