In an inspiring news for all the techies, India’s Aditi got Rs. 22 lakhs bounty from Microsoft for finding a bug in its cloud system Azure. The 20-year-old ethical hacker started with hacking her neighbour’s WiFi and has never looked back ever since. Over the course of years, Aditi has emerged as a star bounty hunter and has found bugs in Facebook, Mozilla, Paytm, Ethereum, etc.
Details
20-year-old Aditi Singh identified a major security flaw in tech giant Microsoft’s cloud platform Azure. For her scrutiny and her technological prowess, Microsoft has awarded Ms. Aditi a bounty prize of Rs. 22 lakhs ($30,000). To say Aditi has been having a fantastic year will be an understatement. Just two months back she had identified a similar bug in Facebook and had won $7,500 as bounty (over Rs. 5.5 lakh).
Also Read: Indian Hacker rewarded Rs 22 Lakhs by Facebook for reporting malicious Instagram bug
What is bug bounty hunting?
Bug bounty hunting is a skill where highly-skilled ethical hackers detect security vulnerabilities and reveal the threats to the corporation instead of exploiting or spreading information about it. Given the ever-looming threats of cyber-attacks and the fact that such attacks can cause huge losses, major tech companies have started their own bug bounty programs where they reward hackers who identify and reveal threats in their tech products and services.
Also Read: 19 YO Kerela Boy finds a bug in Whatsapp. Gets a place in “Facebooks’s Bug Bounty Hall of Fame”
What Bug did Aditi Singh Find?
In her interview to India Today, Aditi said that she found an RCE (remote code execution) bug in Microsoft’s system. RCE is a relatively new bug, and thus not much attention is being paid to such bugs. Aditi further explained that the coders wrote the code directly, whereas what they should have done, was download a NPM (Node Package Manger). “Developers should write codes only after they have the NPM,” she said. It should be noted that this is the same type of bug she found under the hood of Facebook two months back.
Aditi Started with Hacking her Neighbour’s WiFi
Like most tech wizards, Aditi too started small and gradually swam into the deeper waters of ethical hacking. The 20-year-old first hacked into her neighbour’s WiFi, a feat she’s personally proud of.
The current tech wiz started just two years back while she was preparing for her medical entrance in Kota. Although she didn’t get into a medical school, she did find bugs in as many as 40 technology companies, including Facebook, Microsoft, TikTok, Ethereum, HP, Paytm and more.
Also Read: Indian man becomes Bug Bounty, wins Rs.36 Lakh from Microsoft
Receiving appreciation from Harvard, Standford, UCLA
Further, she has been a recipient of appreciation letters by Ivy League institutes such as Harvard University, Columbia University, UCLA, Stanford University. To add a cherry on top – Google has added Aditi in its hall of fame.
The self-taught master of security made the decision of delving completely into the world of ethical hacking after she reported an OTP bug in TikTok’s Forgot Password section. For that, she received a bounty of $1100 (approx Rs. 81,666) from TikTok.
Aditi’s word to ethical hacking aspirants
For ethical hacking aspirants, Aditi in her interview to India Today said that they should know a programming language like Python or JavaScript. Further, she also suggested doing a certification course called OSCP.
“There are multiple resources and Google, Twitter and Hacker One that have write-ups with explanations about ethical hacking,”
-she added.