Jump directly to the content
'GHOST' THANKED

Bayern Munich reward fan with signed Thomas Muller shirt… for HACKING their club website

BAYERN MUNICH have rewarded a hacker with a signed Thomas Muller shirt after he pointed out security flaws on their website.

Bayern fan Daniel "Ghost" Martins found users' details like names and financial information were at risk.

Daniel "Ghost" Martins exposed flaws on the website of his beloved Bayern
2
Daniel "Ghost" Martins exposed flaws on the website of his beloved Bayern
The information security expert was rewarded by Bayern for sending them a report detailing problems with their website
2
The information security expert was rewarded by Bayern for sending them a report detailing problems with their website

The "ethical hacker" says the German giants didn't reply to his concerns at first - but in the end were so grateful they gave him a top from their legendary Germany ace Muller.

Martins, 24, an expert in information security, alerted Bayern when he spotted weaknesses in their official website portal.

Personal data could have been exposed by the problem.

Not only that, a configuration flaw in the website servers meant commercial and confidential information about the club could have been breached.

READ MORE IN FOOTBALL

Martins wrote to Bayern, explaining how vulnerable their website was.

He said: "As soon as I found the fault, immediately, at dawn, I made a report and sent it to them. 

"They took a while to fix and didn't even respond to me at first. 

"But a journalist from (Daniel Mundim) saw this fact and helped me get in touch with them. Successfully. 

JOIN SUN VEGAS: GET A FREE £10 BONUS WITH 100s OF GAMES TO PLAY AND NO DEPOSIT REQUIRED (Ts&Cs apply)

"They corrected it, and as a way of thanking me they sent me a shirt signed by the club's biggest idol, Thomas Muller."

Bayern thanked Daniel for his "true"; information and asked to send a gift.

"Ghost" insisted he hacked their website purely to see if he could help them.

He said: "Because it is a team that I admire a lot and because I do what I do, I decided to explore the site to somehow help the team. 

"I explored, and found a vulnerability of the 'information disclosure' type, which roughly speaking is a kind of information leak due to bad configuration.

"Basically it occurs when a site unintentionally reveals confidential information to its users. Depending on the context, sites can leak all kinds of information to a potential attacker."

Topics