Helsinki, Finland is now home to Facebook’s youngest whitehat hacker. Although his last name is being withheld for obvious privacy reasons, a 10 year old boy named Jani found an exploit in Instagram that allowed him to delete any comment that he chose on the popular image sharing social platform. To confirm the vulnerability for Facebook, the child deleted a comment that the company made on a test account. In response, the social giant gave the hacking wunderkind a $10,000 prize as part of their bug bounty program.
“I would have been able to eliminate anyone,” Jani told the Finnish publication Iltalehti, “even Justin Bieber.” Facebook has revealed that the vulnerability was located in a private application programming interface that was failing to check whether the user making an action to delete a comment was the same user who posted it.
Jani says his prize money will go toward football equipment and a new bicycle. He hopes to be a security expert when he grows up, and it seems he’s well on his way. The skills he developed simply from watching YouTube videos allowed him to find a bug in one of the world’s largest social media platforms.
Facebook’s bug bounty program is an ongoing incentive that offers cash rewards to anyone who is able to report and verify vulnerabilities. In 2015 alone, the program paid out $936,000 to 210 researchers with the average payout landing at $1,780. Since its launch in 2011, the program has awarded over $4.3 million to bug-hunting researchers.
What do you think of Facebook’s youngest security defender? Let us know your take on this story in the comments below!