India Provident Twitter Google India

Indian hackers win $22000 Google bug bounty for uncovering major vulnerabilities

Reading now: 285

Two Indian hackers have won a total cash reward of more than $22000 as bug bounty from Google. Bug bounties are rewards, usually cash prizes, given by major tech companies to individuals who identify an error or vulnerability in their computer program or system.

These particular bug bounties were awarded by Google to the Indian hacker duo for finding major security vulnerabilities in its Google Cloud Program (GCP) projects.

Among them, the biggest bounty was a server-side request forgery (SSRF) bug and subsequent patch bypass which earned them a cool $5000.The two Indians who won the bounties are Sreeram KL and Sivanesh Ashok who are both part of Google Vulnerability Rewards Program (VRP).

Sivanesh also posted a blog detailing the bugs and how they came across them. Posting about it on Twitter, he said, “A write-up about how@kl_sree and I found a bug in Google Cloud that allowed us to takeover a victim's compute engine VM”.The SSRF bug is especially a dangerous vulnerability to have.

The website is an aggregator of news from open sources. The source is indicated at the beginning and at the end of the announcement. You can send a complaint on the news if you find it unreliable.

Related News