A bug-hunting Indian researcher made a million dollars, here’s how

#Apple #CyberSecurity #Google

Aman Pandey is an Indian cybersecurity researcher
He became the top researcher in Google's Android Vulnerability Reward Program (VRP) programme
Aman’s company Bugsmirror received $ 8.7 crore from Google

Written By:Sudipta

Updated: February 16 2022 08:32:10 PM ET New Delhi, Delhi, India

A
man from Madhya Pradesh’s Indore turned a millionaire by detecting bugs in the
applications made by Google, Samsung, and Apple.

Also Read: Google Chrome alert: Indian govt issues ‘high severity’ vulnerability warning

Aman
Pandey, a cybersecurity researcher, started a company “Bugsmirror”
after he was rewarded with Rs 70000 by Google for finding a bug in one of their
applications in 2019, while he was still studying.

Speaking
to ANI, Aman said, “I along with the Co-founder of “Bugsmirror”,
Manas, have found more than 600 bugs in various applications of Google, and the
company has paid us crores of rupees in return. We have also found bugs in the
applications of companies like Samsung and Apple.”

Also Read: Google Chrome gets a new logo after eight years; spot the difference

Bugsmirror
received $8.7 million as part of Google’s Vulnerability Reward Programme (VRP) in
2021.

Pandey’s
company is now getting business contracts from Indian companies as well.
“Till now we had only international clients but now Indian customers are
also coming to us for security audits of their products,” he said.

Also Read: Amazon sees big surge in value a day after Meta saw record loss

The
startup has 15 employees, including two founders.

Top researcher

In
a blog post, Google has rated Aman as one of the top researchers of the tech
giant’s Vulnerability Reward Program (VRP) last year. Pandey uncovered and
submitted 232 vulnerabilities in Android just last year. He had been reporting
flaws since 2019 and has so far submitted over 280 valid vulnerabilities to the
Android program, according to the blog post.

Also Read: India slams Google, Twitter, Facebook for inaction on fake news, seeks stricter action

Most
tech companies such as Apple, Google, Microsoft and others pay researchers for
any ‘bugs’ or software flaws that these researchers can locate in their
products. The rewards are popularly called ‘Bugs bounty.’

Also Read: Google’s Q4 ad sales soar again, parent Alphabet plans to split stock

“I
have been working on security research for almost four years now. And the
Bugsmirror team’s incessant passion and hard-work towards security research has
helped us to indigenously design and develop applications embedded with
algorithms. These helped us locate vulnerabilities at an unmatched speed and
accuracy. Programs like this (Google’s) helped not just research companies like
ours, but even general users in understanding the importance of privacy and
security research,” Pandey was quoted as saying by the Indian Express.