Indian girl gets over Rs 22 Lakh for spotting bug in Microsoft's Azure cloud system

A 20-year-old self-taught cybersecurity analyst and an ethical hacker named Aditi Singh has received a bounty of $30,000 (roughly over Rs 22 lakh) for detecting a bug in the Azure cloud system.

As per reports, Aditi found a similar bug in Facebook 2 months back and had won a bounty of $7500 (over Rs 5.5 lakh).

She said that both companies had a remote code execution (RCE) bug, which is relatively new and is currently not being paid much attention to, and through such bugs, hackers can get access to internal systems and the information they hold.

Two months ago, Aditi had spotted the RCE bug in Microsoft Azure and then informed the company about the bug but didn’t get any kind of response as the company was busy checking if anyone had downloaded the insecure version of the system.

Aditi explained the reason behind the RCE bug and said, ” developers should have first downloaded a Node Package Manager instead of writing the code directly,” further adding, “Developers should write codes only after they have the NPM.”

Aditi managed to find bugs in over 40 companies including Facebook, TikTok, Microsoft, Mozilla, Paytm, and HP. Aditi added that she became confident about ethical hacking after she discovered an OTP bypass bug in TikTok’s Forgot Password system.

The 20-year-old has also received appreciation letters from Harvard University, Columbia University, Stanford University, University of California and has also been highlighted in the Google hall of fame.