MALAPPURAM: It was his dream to become a cyber-security expert or ethical hacker, and English television series such as Mr Robot and Black Mirror inspired him to pursue it. The passion has landed Gokul Sudhakar, an engineering graduate from Mannarkkad, Palakkad, nearly Rs 25 lakh from a leading US-based financial technology company – reward for identifying a vulnerability in its online payment system.
“I recently identified a bug in the online system of the company, for which I received a $30,000 reward. They credited the money into my account on the condition that I never reveal the name of the company or the vulnerability in their system to anyone,” Gokul said.
The vulnerability in a third-party tool used by the company had provided access to its files through remote code execution (RCE), which allows an attacker to remotely execute malicious code on someone else’s computing device. The reward is one of the highest paid in recent times for reporting bugs.
“After finishing my BTech, I went on to do a four-month-long cyber security analyst course from a private institute in Perinthalmanna. The course introduced me to the basics of cyber security. With the help of YouTube and other online tutorials I delved deeper into the subject. This helped me identify the bug,” the 25-year-old said.
Gokul reported the bug on HackerOne, a bug-bounty platform that encourages ethical hackers to report vulnerabilities or bugs in an application. The rewards are decided based on the common vulnerability scoring system (CVSS), an industry standard for assessing the severity of the vulnerability, on a scale from 0-10. The bug reported by Gokul was assessed as a 10.
He has so far identified vulnerabilities in 20 online services, including those of an American coffeehouse chain and New Zealand-based email delivery service. Gokul, who has been working as a freelancer, aims to secure a regular job.
“There are many platforms seeking the services of freelance cyber security experts. I have been using those platforms to earn money,” Gokul said, adding, “it is not easy to get freelance gigs or find bugs regularly. So, now, I am trying for a regular job in the field of cyber security,” he added.
Gokul is son of retired teacher Sudhakar and Jalaja, a nurse by profession.