Last Updated:

Microsoft Awards $30,000 To Delhi Techie, Aditi Singh, For Spotting Bug In Azure System

Marking another technological genius, a 20-year-old ethical hacker from Delhi has won a bounty of $30,000 for spotting a bug in Microsoft’s Azure cloud system.

Microsoft

Image: RahulP2021/Twitter


Marking another technological genius, a 20-year-old ethical hacker from Delhi has won a bounty of $30,000 for spotting a bug in Microsoft’s Azure cloud system. Just two months ago, Aditi Singh had uncovered a similar bug in Facebook and was awarded US$7,500 for the same. Singh is employed as a professional bug hunter, who is responsible for scrounging the web and scanning the systems for bugs or flaws through which hackers can sneak in. These professionals are awarded cash every time they hunt down a bug.

Lesser-known bug

According to Singh, both the companies had a remote code execution (RCE) bug, which was relatively new and lesser-known. The self-taught techie explained that through such bugs hackers could get into the internal systems and access the personal information of the users. Elaborating further, she said that Microsoft had only fixed the bug that she had discovered indicating that there could be other bugs present in the system. According to Aditi, both Microsoft and Facebook wrote the code directly whereas they should have first downloaded Node Package Manager. 

Microsoft has only fixed the bug which I spotted two months back. They have not fixed all of them,” Singh told reporters adding that the tech giant took two months to respond as they were checking if anybody had downloaded its insecure version.

Earlier this month, another Indian ethical hacker has been awarded Rs 22 lakh by Facebook for discovering malicious bugs on the Instagram app. Despite the profile being private, the discovered bug allowed anyone to view archived posts, stories, reels, and IGTV without following the user. Due to this bug, it would have been easy for the hackers to gain illegal access to private details like-- pictures, videos of users without following them. After the complaint, Facebook had now addressed the bug.

Facebook awarded Fartade 22 lakh (3000$) and said, "The report highlighted a scenario that could have allowed a malicious user to view targeted media on Instagram. This scenario would require the attacker to know the specific media ID. We have fixed the issue. We look forward to receiving more reports from you in the future", read the statement.

Image: RahulP2021/Twitter

Get the latest entertainment news from India & around the world. Now follow your favourite television celebs and telly updates. Republic World is your one-stop destination for trending Bollywood news. Tune in today to stay updated with all the latest news and headlines from the world of entertainment.

First Published: