If anyone discovers flaw in any website or software products and then reveals that flaw to the organization, bug hunter could avail bounty reward. However in US, Security Researcher was arrested after he discovered and reported the SQL Injection Flaw on Elections Site in US.
Security Researcher Arrested For Revealing US Election Website’s Flaws
Security Researcher namely David Levin was put behind the bars after he disclosed and exploited SQL injection vulnerabilities that disclosed admin credentials in the Lee County elections website.
According to the Florida Department of Law Enforcement, 31 year old man broke into Lee County State elections website on 19 December. The arrested man also uses Twitter under username @realdavidlevin. Levin was put behind the bars for six hours last wednesday and was later released on a $15,000 bond.
Police claimed that Levin was jailed for illegally gaining access on websites in three different incidents. To recall, the first incident took place on December 19, 2015 and in this incident Levin illegally accessed the Lee County Elections website. The next incident happened on January 4 & 13 respectively, Levin also broke into the Department the State Elections website.
In the video, which is publicly released on YouTube, Levin debated how a simple SQL injection launched against the website resulted in theft of data from the database of elections website as it had not encryption.
During the raid by cops, Levins Laptop, smartphone and storage devices were also seized.
Levin also runs company with name as Vanguard Cyber Security, he was seen debating with Dan Sinclair on the the video posted on YouTube, describing how he hacked into the website which had a vulnerability by using a simple SQL injection flaw.