Facebook gives $10,000 to 10-year-old boy who found Instagram comments bug

Helsinki youngster spots flaw that removes any comment, “even Justin Bieber”

Facebook Like sign

A 10-year-old boy earned a $10,000 payday after reporting an Instagram bug to Facebook.

Jani, from Helsinki, Finland, discovered that he was able to delete any comment on Instagram, according to Finnish publication Iltalehti.

After reporting the vulnerability to Facebook's bug bounty programme along with proof by deleting a message on a Facebook-run test Instagram account, the social network fixed the problem in February.

Jani, who learned about computer security from YouTube tutorials, was then paid in March and spent the money on a brand new bike, football equipment and two computers for his brothers.

Advertisement
Advertisement - Article continues below

He said: "I would have been able to remove anyone, even Justin Bieber." 

"It would be my dream job," he added, on the topic of becoming a security researcher as a full-time profession. "Security is very important."

Jani is Facebook's youngest successful bug hunter, Facebook confirmed, though it is not uncommon for companies' bug bounty programmes to receive reports from teenagers from time to time.

Facebook has paid more than 800 security researchers $4.3 million for 2,400 bug reports since its bug bounty programme started in 2011.

Of the submissions it received last year, 102 were high-impact bugs, Facebook said, an increase of 38 per cent on the year before.

Security engineer Reginaldo Silva said in a February update about the programme: "The quality of reports we receive is getting better over time, both in terms of clear step-by-step instructions to reproduce the issue as well as thoughtful consideration of potential risk to people who use Facebook." 

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now
Advertisement

Recommended

Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/security/identity-and-access-management-iam/354289/44-million-microsoft-customers-found-using
identity and access management (IAM)

44 million Microsoft customers found using compromised passwords

6 Dec 2019
Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/hardware/354237/five-signs-that-its-time-to-retire-it-kit
Sponsored

Five signs that it’s time to retire IT kit

29 Nov 2019
Visit/business/business-strategy/354195/where-modernisation-and-sustainability-meet-a-tale-of-two
Sponsored

Where modernisation and sustainability meet: A tale of two benefits

25 Nov 2019