Delhi hacker wins $30,000 reward from Microsoft for finding bug in Azure cloud system
Skip to main content
  • Home
  • Economy
  • Stocks
  • Analysis
  • World+Biz
  • Sports
  • Features
  • Epaper
  • More
    • Subscribe
    • COVID-19
    • Bangladesh
    • Splash
    • Videos
    • Games
    • Long Read
    • Infograph
    • Interviews
    • Offbeat
    • Thoughts
    • Podcast
    • Quiz
    • Tech
    • Archive
    • Trial By Trivia
    • Magazine
    • Supplement
  • বাংলা
The Business Standard

Wednesday
July 06, 2022

Sign In
Subscribe
  • Home
  • Economy
  • Stocks
  • Analysis
  • World+Biz
  • Sports
  • Features
  • Epaper
  • More
    • Subscribe
    • COVID-19
    • Bangladesh
    • Splash
    • Videos
    • Games
    • Long Read
    • Infograph
    • Interviews
    • Offbeat
    • Thoughts
    • Podcast
    • Quiz
    • Tech
    • Archive
    • Trial By Trivia
    • Magazine
    • Supplement
  • বাংলা
WEDNESDAY, JULY 06, 2022
Delhi hacker wins $30,000 reward from Microsoft for finding bug in Azure cloud system

South Asia

TBS Report
29 June, 2021, 10:00 pm
Last modified: 29 June, 2021, 10:12 pm

Related News

  • UCB Stock Brokerage Ltd partners with Microsoft to shape the future of the financial industry in Bangladesh
  • Microsoft stops selling emotion-reading tech, limits face recognition
  • Microsoft cuts Russia operations due to Ukraine invasion
  • Microsoft to help cover US employees' travel costs for abortion
  • People should not reply to late night emails, work after shift timing, says Microsoft CEO Satya Nadella

Delhi hacker wins $30,000 reward from Microsoft for finding bug in Azure cloud system

Aditi Singh, who found a similar bug in Facebook just two months back and won a bounty of $7500, said that both companies had a remote code execution (RCE) bug, which is relatively new and is currently not being paid much attention to

TBS Report
29 June, 2021, 10:00 pm
Last modified: 29 June, 2021, 10:12 pm
Aditi Singh. Picture: Collected
Aditi Singh. Picture: Collected

A 20-year-old ethical hacker from the Indian capital of Delhi, has won a reward of $30,000 for spotting a bug in Microsoft's Azure cloud system.

Aditi Singh, who found a similar bug in Facebook just two months back and won a bounty of $7500, said that both companies had a remote code execution (RCE) bug, which is relatively new and is currently not being paid much attention to, reports the India Today.

Through such bugs, hackers can get access to internal systems and the information they hold.

Aditi notes that it is not easy spotting bugs and that ethical hackers have to stay on top of their game about new bugs, so they can report about them and still be eligible for their payouts. She, however, also emphasises on gaining knowledge and learning about ethical hacking first, rather than focussing on just making money.

"Microsoft has only fixed the bug which I spotted two months back. They have not fixed all of them," said Aditi, who was the first one to spot the RCE bug and said that the tech giant took two months to respond as they were checking if anybody had downloaded its insecure version. She suggests that before even starting to find a bug, people should ask the support team of that company ask if they are hosting a bounty program, and if that company confirms about such a program, bounty hunters should go ahead.

Bug bounty hunters are mostly certified cybersecurity professionals or security researchers who crawl the web and scan the systems for bugs or flaws through which hackers can sneak in and alert the companies. If they are successful, they are rewarded with cash.

Talking about the RCE bug spotted in Facebook and Microsoft, Aditi explains that the developers wrote the code directly when they should have the first download a Node Package Manager -- which is a subsidiary of GitHub where anybody can access the codes from these companies as they are open-sourced.

"Developers should write codes only after they have the NPM," she said.

Aditi has been into ethical hacking for the past two years. She first hacked into her neighbour's WiFi password (which she considers a personal feat), and there has been no looking back ever since.

"I took an interest in ethical hacking when I was preparing for NEET, my medical entrance in Kota," Aditi said.

"I didn't get through in medical school but have found bugs in over 40 companies including Facebook, Tiktok, Microsoft, Mozilla, Paytm, Ethereum, HP, among others."

She has also received appreciation letters from Harvard University, Columbia University, Stanford University, University of California and has also been highlighted in the Google hall of fame.

"I was certain I wanted to get into ethical hacking after I reported an OTP bypass bug in TikTok's Forgot Password section and won a bounty of $1100," added Aditi, who is self-taught and notes that anyone who can access Google and Twitter can become an ethical hacker.

"There are multiple resources and Google, Twitter and Hacker One that have write-ups with explanations about ethical hacking," Aditi said.

She further added sthat she was hired for a job after hacking into the company's application.

"They did not ask for my qualification but only saw my skills, and I was hired."

Aditi notes that if people want to get into advanced learning of hacking, then they should know a programming language -- either Python or JavaScript. She also suggests OSCP, which is a certificate course aimed at helping bussing ethical hackers.

When asked where she spends her "bounty", and she said most of it goes into buying hacking tools or spending on certificate courses about hacking.

Tech / Top News / World+Biz

bug / Microsoft / Azure Cloud System

Comments

While most comments will be posted if they are on-topic and not abusive, moderation decisions are subjective. Published comments are readers’ own views and The Business Standard does not endorse any of the readers’ comments.

Top Stories

  • Area-wise load shedding schedule will be announced: PM
    Area-wise load shedding schedule will be announced: PM
  • China-led trade bloc holds promise, with some caveats
    China-led trade bloc holds promise, with some caveats
  • State Minister for Power, Energy and Mineral Resources Nasrul Hamid. Photo: Collected
    Load shedding, power crisis will not last long: State minister

MOST VIEWED

  • Photo: Collected
    Waterlogged Mumbai on alert for heavy rain
  • Photo: Collected
    Ajmer Dargah man who announced reward on Nupur Sharma's head arrested
  • A 3D-printed logo for Twitter is seen in this picture illustration made in Zenica, Bosnia and Herzegovina on January 26, 2016/Reuters
    Twitter seeks judicial review of Indian orders to take down content
  • Photo: Collected
    Indian shares rise as Bajaj Finance boosts financials, crude oil cools
  • Photo: BBC
    Sri Lankans return to cooking with firewood as economy burns
  • A man displays new 2000 Indian rupee banknotes after withdrawing them from a State Bank of India (SBI) branch in Kolkata, India on 10 November 2016. Photo: Reuters
    India's crisis buffers are part optical illusion

Related News

  • UCB Stock Brokerage Ltd partners with Microsoft to shape the future of the financial industry in Bangladesh
  • Microsoft stops selling emotion-reading tech, limits face recognition
  • Microsoft cuts Russia operations due to Ukraine invasion
  • Microsoft to help cover US employees' travel costs for abortion
  • People should not reply to late night emails, work after shift timing, says Microsoft CEO Satya Nadella

Features

The sea beach in Kuakata. Photo: Syed Mehedy Hasan

Five places in Southern Bangladesh you could visit via Padma Bridge

2h | Explorer
Genex Infosys Limited is the country's largest call centre with more than 2,000 seats and full-set equipment. Photo: Courtesy

How domestic demand made Genex Infosys a BPO industry leader

3h | Panorama
The OPEC+ group of 23 oil-exporting countries met virtually on Thursday. Photo: Bloomberg

OPEC+ did its job, but don’t expect it to disappear

1d | Panorama
Mirza Abdul Kader Sardar with AK Fazlul Haque, Chief Minister of Bengal, at Haque's reception at the Lion Cinema, Dhaka, 1941. Photo: Collected

Panchayats: Where tradition clings to survival

1d | Panorama

More Videos from TBS

Photo: TBS

Cristiano Ronaldo looking for a new challenge

1h | Videos
Tufan, Sultan catch attention of the buyers

Tufan, Sultan catch attention of the buyers

1h | Videos
Sheikh Kamal Business Incubator to be inaugurated at CUET Wednesday

Sheikh Kamal Business Incubator to be inaugurated at CUET Wednesday

16h | Videos
Tejgaon becoming uninhabitable for illegal rickshaw garages, truck stands

Tejgaon becoming uninhabitable for illegal rickshaw garages, truck stands

16h | Videos

Most Read

1
Photo: Collected
Africa

Uganda discovers gold deposits worth 12 trillion USD

2
TBS Illustration
Education

Universities may launch online classes again after Eid

3
Meet the man behind 'Azke amar mon balo nei'
Splash

Meet the man behind 'Azke amar mon balo nei'

4
Build Dhaka East-West Elevated Expressway, relocate kitchen markets: PM
Bangladesh

Build Dhaka East-West Elevated Expressway, relocate kitchen markets: PM

5
File Photo: BSS
Energy

India pulls out of LoC funding for part of Rooppur power transmission work

6
Illustration: TBS
Interviews

‘No Bangladeshi company has the business model for exporting agricultural product’

EMAIL US
contact@tbsnews.net
FOLLOW US
WHATSAPP
+880 1847416158
The Business Standard
  • About Us
  • Contact us
  • Sitemap
  • Privacy Policy
  • Comment Policy
Copyright © 2022
The Business Standard All rights reserved
Technical Partner: RSI Lab
BENEATH THE SURFACE
A customer checks a knife at a blacksmith’s shop at the capital’s Karwan Bazar. Knives and other Qurbani tools are in huge demand as the country prepares to celebrate Eid-Ul-Azha. Photo: Rajib Dhar

Contact Us

The Business Standard

Main Office -4/A, Eskaton Garden, Dhaka- 1000

Phone: +8801847 416158 - 59

Send Opinion articles to - oped.tbs@gmail.com

For advertisement- sales@tbsnews.net