Facebook Rewarded This 10-Year-Old With $10,000 After He Discovered A HUGE Security Flaw In Instagram


Josh Edelson/AFP/Getty Images

A 10-year-old boy genius from Finland just landed a cool $10,000 from social media magnate Facebook after discovering a pretty crucial coding flaw in Instagram, which Mark Zuckerberg & co. acquired for a measly $1 billion on April 9, 2012.

The photo sharing app has come a long way since then, and with it, there have been no shortage of concerns with hacking and security.

Enter the little Helsinki-based coding mastermind, Jani, who contacted Facebook directly after finding a backdoor way to edit users’ posts in some wonky coding. The kicker? At 10-years-old, Jani technically isn’t even old enough to register for Facebook on his own accord.

Forbes first reported the story:

The Helsinki-based wunderkind, according to Finnish publication Iltalehti, discovered he could alter code on Instagram servers to force delete users’ words. “I would have been able to eliminate anyone, even Justin Bieber,” he told the paper (translated).

Facebook told FORBES that Jani verified his report by deleting a comment the company posted on a test account. A spokesperson confirmed the bug was patched in late February and the $10,000 reward handed to Jani in March. The problem lay in a private application programming interface (the slice of code allowing certain outside access) that wasn’t properly checking the person deleting the comment was the same one who posted it, the spokesperson added.

Man, I can’t even imagine how damn smart that kid is. Reportedly, he’s the youngest ever to land Facebook’s “bug bounty,” having bested a 13-year-old with his prize. And what does he plan to do with it, you ask?

Simple: he plans to use the cash to scoop a new bike, football gear, and some sweet new computers for his siblings, according to an interview with Finnish paper, Iltalehti. Yeah, you know, some normal, not super-tech genius, brilliant person kinda stuff. Way to go, kid.

Since 2011, Facebook has reportedly dealt out more than $4.3 million in cash prizes to some 800 coders and developers who have found security flaws in their lines of code. They monetary payouts are calculated based on the level of security risk that the discovered bug presents, with the average winnings being $1,780 in 2015.

So, it sounds like whatever Jani found was a lot bigger than your average security risk. Phew. Now at least we can all sleep at night knowing that Justin Bieber’s Instagram account won’t be mysteriously deleted anytime soon…

[H/T The Verge]