Before he even reached the age requirement to make a Facebook account, a 10-year-old found a major flaw in Instagram, earning him a cool $10,000 from Facebook.
Jani (his parents withheld his last name, figured out a way to get into Instagram’s servers and delete text posted by Instagram users, Finnish news site Iltalehti reported.
Jani was rewarded $10,000 by Facebook as part of its bug bounty program, which offers cash rewards to people who find bugs and flaws in Facebook’s digital infrastructure. That includes the Facebook-owned Instagram.
He could delete what people wrote
The boy told Iltalehti that he could delete what people wrote on the picture-sharing social media, demonstrating it to Instagram by deleting a comment they made on a test account. Jani said he could even delete Justin Bieber’s comments with the flaw he found.
According to the boy’s father, Jani and his twin brother have found security flaws in websites before, but they haven’t been significant enough to justify a payout, until this one.
Facebook’s bug bounty program welcomes anyone to find bugs and flaws, and offers cash rewards to problems that are significant, similar to Google’s own security rewards program. According to the most recent release from Facebook, the company received over 13,000 submissions from researchers in 2015 alone, 526 of which were valid reports.
In 2015, Facebook paid out a total of $936,000 to 210 researchers, averaging about $1,780 per submission.