Bayern Munich fan Daniel ‘Ghost’ Martins has been rewarded by the German champions with a signed Thomas Muller shirt after hacking into the club’s website and spotting security flaws.
Martins is an expert in information security and opted to check the website of his beloved side to ‘somehow help the team’. He quickly found that there were configuration issues, and that confidential data including financial information was at risk of being exposed.
He reported his findings to the club, and after initially not receiving a response, he finally got a reply as Bayern thanked Martins by sending him a signed shirt.
‘As soon as I found the fault, immediately, at dawn, I made a report and sent it to them,’ Martins told The Sun. ‘They took a while to fix [it] and didn’t even respond to me at first.
‘But a journalist from Globo (Daniel Mundim) saw this fact and helped me get in touch with them. Successfully.
‘They corrected it, and as a way of thanking me they sent me a shirt signed by the club’s biggest idol, Thomas Muller.’
Muller has scored 228 goals in 637 games for Bayern, winning 11 German titles since breaking into the team in 2009.
Martins then went into further detail on exactly what the issue was that he discovered.
‘I explored, and found a vulnerability of the ‘information disclosure’ type, which roughly speaking is a kind of information leak due to bad configuration,’ he added.
‘Basically it occurs when a site unintentionally reveals confidential information to its users. Depending on the context, sites can leak all kinds of information to a potential attacker.’
Thanks to Martins, Bayern have now fixed this problem away from the pitch, and will now hope to solve their issues on it after the international break.