Indian Hackers Receive $22000 For Finding a Critical Flaw in a Google Service: Here’s More About it

Security
By Sidharth Joseph
Google
Image Source: CNBC

We have previously come across a lot of instances when Google rewarded other people for finding an error or a flaw in their services. Two Indian ethical hackers has also now received a reward from Google for finding a flaw in one of its services.

Read more about it below.

Indian Hackers Receive $22000 From Google

Google often challenges program researchers and ethical hackers to find bugs in their services and if they are successful in finding an error or flaw, they’ll surely be rewarded with the great cash rewards

Indian hackers named Sriram KL and Shivnesh Ashok recently were able to get a reward of $22,000, which is about 18 lakhs in India rupees, for finding a critical flaw in the company’s Cloud Platform.

For both these ethical hackers, it was their first time exploring Google’s cloud platform and they started to by exploring the compute engine. There the researcher were able to come across something called “SSH-in-browser”

The feature uses the SSH protocol to let users access computer instances as if it is a virtual machine through a web browser. The bug identified by Sriram KL and Shivnesh Ashok would have allowed any outsiders to access the user’s computer very easily which is a serious flaw.

The company was informed about the critical flaw in the platform and the problem was resolved by adding an additional security feature called cross-site request forgery(CSRF) protection at the GET endpoints. It will also improve the way in which the platform verifies the domain.

Sriram KL and Shivnesh Ashok, the ethical hackers from India are just happy that they were able to identify the problem without much time. They have also explained the steps they took in finding the issue through their blogs as well.

 


Readers like you help support The Tech Outlook. When you make a purchase using links on our site, we may earn an affiliate commission. We cannot guarantee the Product information shown is 100% accurate and we advise you to check the product listing on the original manufacturer website. Thetechoutlook is not responsible for price changes carried out by retailers. The discounted price or deal mentioned in this item was available at the time of writing and may be subject to time restrictions and/or limited unit availability. Amazon and the Amazon logo are trademarks of Amazon.com, Inc. or its affiliates Read More
You might also like More from author

Advertisement

If you think there is an error in reporting or we missed something, please report it to us via [email protected] or you can visit our news correction policy page.

 

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More