Dikhyaa Mohanty 
A 20-year-old ethical hacker, Aditi Singh from Delhi won a reward of $30,000 which is approximate Rs 22 Lakh for spotting a bug in Microsoft’s Azure cloud system.
According to the reports, two months back Aditi found a similar bug in Facebook and won a bounty of $7500 which approximately over Rs 5.5 lakh. She informs that both companies had a remote code execution (RCE) bug, which is relatively new and is currently not being paid much attention to. Through such bugs, hackers can get access to internal systems and the information they hold.
Aditi has been into ethical hacking for the past two years. She first hacked into her neighbour’s WiFi password and since then she has no looking back. She took interest in ethical hacking when she was preparing for NEET and her medical entrance in Kota. She didn’t get through in medical school but have found bugs in over 40 companies including Facebook, Tiktok, Microsoft, Mozilla, Paytm, Ethereum, HP, among others.
She has also received appreciation letters from Harvard University, Columbia University, Stanford University, University of California and has also been highlighted in the Google hall of fame.
The report further added that Aditi notes that it is not easy spotting bugs and that ethical hackers have to stay on top of their game about new bugs, so they can report about them and still be eligible for their payouts. She, however, also emphasises gaining knowledge and learning about ethical hacking first, rather than focussing on just making money.
She stated that Microsoft has only fixed the bug which she spotted two months back and they have not fixed all of them. She was the first one to spot the RCE bug and stated that the tech giant took two months to respond as they were checking if anybody had downloaded its insecure version.
Later she suggested that before even starting to find a bug, people should ask the support team of that company ask if they are hosting a bounty program, and if that company confirms about such a program, bounty hunters should go ahead.
Bug bounty hunters are mostly certified cybersecurity professionals or security researchers who crawl the web and scan the systems for bugs or flaws through which hackers can sneak in and alert the companies. If they are successful, they are rewarded with cash.
Image Source – Google
