Kerala boy wins Rs 1 crore for finding bugs in Google Cloud

In a world driven by technological advancements, where cybersecurity stands as an ever-present challenge, a Kerala boy KL Sreeram (22) has received a whopping Rs 1 crore from tech giant Google for finding security vulnerabilities in their product. 

Speaking with Republic, Sreeram said that what began as a serious hobby gradually evolved into a curiosity, driving him towards ethical hacking.

Sreeram spent 10 hours a week trying to find vulnerabilities in various products of Google. When he joined Btech in computer science in Chennai, he never wavered in his commitment. His research and domain expertise and the advantage of a young age allowed him to grasp the intricacies of cybersecurity at a fast pace.  

In 2022, the entrepreneur in him found like-minded people that lead to the formation of a company called Squadron Labs headquartered in Canada. 

Before Sreeram could complete his undergraduation, he bagged a reward of $1,30,000 (Rs 1.1 crore) from Google.

“I was able to find bugs in Google Cloud in 2022,” Sreeram said. 

“I found that if a user sends a link with malicious code to a Google Cloud subscriber, just by clicking on the link the entire cloud would be compromised!,” he added.

In August 2022, when he found this bug, he reported it to the Vulnerability Reward Program (VRP) team of Google through their portal in the form of a report. 

Usually, as per the process, Google would independently conduct research based on the report with their highly skilled team. After discovering the vulnerability reported, the findings are passed on to the panel of members in Google who decide on the reward program.  A year later, Google asked the ethical hackers to write a story on their findings of bugs and make it public.

“The Giant intended to promote people to get into ethical hacking, we had sent 4 of our reports and among the 7 selected globally, 3 of our reports were shortlisted,” said Sreeram.

He also credits a large part of his success to his friend Sivanesh Ashok. When asked about the nature of the company he had set up, Sreeram said that the founding team of four people have a mission to help smaller companies to find bugs in their coding and data.

“Barring, big tech companies, smaller ones cannot afford ethical hackers to test the vulnerabilities of their system. This is where Squadron Labs come in!” he added. 

Acknowledging his contribution, Google also invited Sreeram to their all-expense-paid annual event in Tokyo. The Squadron Lab team has already bagged three clients from India, Canada, and Slovakia. 

When asked where he plans to spend the reward he won with his hard work, he said that he would invest it in Squadron Labs.