This Indian boy discovered deficiency in Microsoft’s system, the corporate gave 36 lakh rupees

Microsoft gave a reward of about Rs 36 lakh to a safety researcher primarily based in Chennai. If you’re pondering that these prizes are given for successful a contest, then you might be incorrect. Really, Microsoft has an identification bounty program, underneath which the corporate rewards anybody who detects any downside of their system and one thing comparable was performed by Laxman Muthiya, a safety researcher primarily based in Chennai. Laxman found an issue with Microsoft’s on-line service that allowed anybody to entry any Microsoft consumer’s account with out his data.

Laxman has defined this incident intimately in his weblog The Zero Hack. He says that such an issue existed in Microsoft’s on-line service, on account of which any particular person may simply hack your Microsoft account and all this was potential with out your data. Allow us to inform you that after giving info to Microsoft, they’ve fastened this downside and Laxman has additionally been given a reward of $ 50,000 i.e. about 36 lakh rupees underneath the Bounty Program.

Laxman defined within the weblog that he had beforehand found an issue with Instagram, for which Fb rewarded him. Laxman then discovered that Microsoft was additionally utilizing an identical method to reset the account’s password. In such a state of affairs, Laxman considered testing this downside and located that on account of this downside right here additionally hackers can seize the account.

Though Laxman has defined this downside intimately in his weblog, however we clarify it to you in simple language. Really, when any Microsoft consumer resets the password of his account, the web site takes him to the password reset web page. Right here the consumer has to enter his cell quantity or electronic mail tackle. After this Microsoft sends a 7 digit OTP to that particular person and the consumer has to enter this code on the web page for verification. Now if an individual (hacker) bruteforces the mix of those 7 digit codes, then he can reset his password by himself with out that consumer understanding. Nevertheless, Laxman says that there are specific limits set within the system, which forestall him from attacking in giant numbers. It took Laxman a very long time to determine this downside.

Laxman additional defined that he recorded a video of him bypassing the system and despatched it to Microsoft, quickly after which Microsoft fastened it and rewarded Laxman.

Leave a Reply

Your email address will not be published. Required fields are marked *