indian hacker hired by facebook

Introduction：

1、Did a boy from Bihar ‘hack’ Google and receive job offer from the company？

2、Fully Homomorphic Encryption (FHE) with silicon photonics – the future of secure computing

Did a boy from Bihar ‘hack’ Google and receive job offer from the company？ ♂

　　As per a viral claim making the rounds on social media, Rituraj Chaudhary, a student living in Bihar’s Begusarai purportedly hacked Google for 51 seconds, after which the tech giant sent him a Rs 3.66 crore job offer. It has also been claimed that Rituraj, a second-year student at IIT Manipur, did not have a passport. Google reached out to the Indian government and got a passport made for him in two hours and also arranged for a private jet for his travel to the United States.

　　Reality show ‘Bigg Boss 12’ contestant and singer Deepak Thakur promoted the claim in a long Facebook post, which has since been deleted.

　　Writers Communty Director Ankit Dev Arpan also amplified the claim on Facebook, writing, “One Bihari shook up Google overnight, and here people say that Biharis haven’t achieved anything beyond being famous for litti chokha.”

　　Twitter handle ?? ??? We The People also shared the viral claim. A Facebook page called Bhumihar wrote a similar post which garnered over 9,000 likes and was shared by more than 1,000 users at the time of writing.

　　The claim is widespread on Facebook and Twitter.

　　Fact-check

　　Alt News contacted Rituraj for more information. He revealed that he had reported a bug on Google’s Bug Hunters website, for which he got an acknowledgement mail. Neither did he hack Google nor has he been offered a joining letter from the company. The additional details about him getting a passport in two hours and going to the US by private jet are also completely fabricated.

　　He also clarified that he is not a student of IIT Manipur, but attends IIIT in the same state. In fact, there is no IIT in Manipur.

　　Alt News also found Riruraj’s name in the ‘Honorable mentions’ on Google’s Bug Hunters website as shown below.

　　He had submitted his first report on January 25.

　　In an interview with the News18 Bihar Jharkhand news channel, he revealed that while he was aspiring for IIT but could not get admission hence, enrolled in IIIT Manipur.

　　IIIT Manipur is a technical institute funded by the Manipur government under a Public-Private Partnership (PPP) model. To get admission in both IIT and IIIT, applicants must clear the IIT-JEE exam. Whether they can be admitted to IIT or IIIT is determined based on their rank in the qualifying exam. Those with the highest rank are eligible for admission in IITs and the students who score lesser get admitted to NITs and IIITs. Rituraj also told us the basic difference between IITs and IIITs was that the IITs (Indian Institute of Technology) offer B.Tech, M.Tech, Dual Degree, and PhD programs in several specialisations whereas IIIT (Indian Institute of Information Technology) focuses on providing technical education in information technology and communication studies.

　　Outlets like ABP News, Zee Bihar Jharkhand, News24, News18 Bihar Jharkhand, ETV Bharat Bihar all reported that Rituraj was a student of IIT Manipur. TV9 Bharatvarsh, DNA, ABP News, NDTV, News9, BGR, Bihar Express, Kalinga TV among others also claimed that he was enrolled in IIT Manipur.

　　In its fact-check report, DNA identified Rituraj as a student of IIT Manipur.

Fully Homomorphic Encryption (FHE) with silicon photonics – the future of secure computing ♂

　　He showed his proof of concept on a video on his blog, before Facebook verified the issue and rewarded him.

　　$15,000 seems like a measley bounty considering the massive publicity disaster that the company avoided. Facebook issues bug bounties based on the damage they could do, and a bug like the one discovered by Prakash, while relatively simple, could potentially allow attackers full access to any account.

　　‘Ultimately we pay these bounties to protect Facebook users, so the more users it could affect and the more damage it could do, the higher the impact,’ Facebook says on its site. ‘Would this bug allow someone to access private Facebook data? Delete Facebook data? Modify an account? Can you run JavaScript under facebook.com? These are high-impact vulnerabilities, and this is the most important attribute we consider.’

　　> See also: Facebook denies fresh allegations that it DOES collect the text you decided against posting

　　329 people have received a bounty so far, including professional researchers, students and amateurs. The youngest receipient was 13 years old, and the largest bounty to date was $33,500, paid out to a Brazillian security researcher in 2014. Because it was a ‘remote code execution vulnerability’ that allows attacks to throw malware at surfers visiting a vulnerable website, it was categorised by Facebook as the most serious category of risk.

Related questions

Hiring a hacker is illegal in most jurisdictions if the intent is to engage in unauthorized activities, such as accessing systems without permission, stealing data, or causing harm. Below is a detailed breakdown:

1. Legal Context: Unauthorized Hacking

• Criminal Liability:
  • Conspiracy/Aiding & Abetting: Hiring a hacker for illegal purposes (e.g., breaching a system, stealing data) makes you complicit under laws like the U.S. Computer Fraud and Abuse Act (CFAA), the UK’s Computer Misuse Act, or the EU’s General Data Protection Regulation (GDPR). These laws penalize both the hacker and those who commission the crime.
  • Penalties: Fines, imprisonment (e.g., CFAA violations can lead to 10+ years in prison for severe cases), and restitution for damages.
• Civil Liability: Victims can sue for financial losses, reputational harm, or data breach-related damages.

2. Ethical Hacking (Legal Exceptions)

• Authorized Activities: Hiring a hacker for penetration testing or cybersecurity audits is legal if done with explicit, written permission from the system owner. Ethical hackers operate under strict agreements and scope definitions.

3. Jurisdictional Variations

• Laws differ globally, but most countries criminalize unauthorized hacking. For example:
  • U.S.: CFAA prosecutes both domestic and international actors affecting U.S. systems.
  • EU: GDPR imposes heavy fines for data breaches, even if the hacker is abroad.
  • Extradition: Cross-border cases may lead to international legal action.

4. Risks Beyond Legality

• Scams: Fake hackers may extort money or leak your involvement.
• Reputation Damage: Being linked to cybercrime can harm personal or business credibility.

5. Advice

• Consult a Lawyer: To navigate legal nuances in your jurisdiction.
• Use Ethical Channels: For cybersecurity needs, hire certified professionals (e.g., CEH-certified experts) with formal agreements.

In short, hiring a hacker for malicious purposes is illegal and carries significant risks. Always seek authorized, ethical solutions for cybersecurity needs.