Generally speaking, hackers are tracked down and punished for hacking data that does not belong to them. This is not the case with Alex Birsan, a hacker who has managed to hack 35 large companies, including Microsoft, Spotify, Netflix, Apple and Tesla.
Not all hackers are criminals who threaten the data and fortunes of many entities and individuals. For righteous hackers, there are even challenges – called Bug Bounty – that earn them large sums of money. Recently, security researcher Alex Birsan won $ 130,000 through this challenge. To be rewarded, he notably succeeded in the feat of hacking 35 large companies, allowing them to correct their weaknesses before real hackers exploit them. Among the companies affected we can name Microsoft, Apple, PayPal, Shopify, Netflix, Yelp, Tesla and Uber, reported Gizmodo.
Read alsoThe explosion of cyber attacks in 2020 worries the Anssi
The maximum bonus was notably granted by Microsoft which gave it $ 40,000, followed by PayPal which paid $ 30,000. Of course, Alex Birsan informed companies in advance that he was going to test the security of their systems, but did not provide them with further details. The process employed by the researcher is quite complex, but in essence, he discovered that some code packages internal to large companies were unintentionally published in public repositories like GitHub. This means that because of this flaw, hackers can upload malware to open source repositories, and these viruses would then be automatically introduced into a company’s system.
Thanks to Alex Birsan, this flaw has been fixed by the companies concerned, preventing malicious hackers from misusing it.