Skip to main content

Facebook rewarded a 10-year-old with $10,000 for finding Instagram security flaw

Facebook rewarded a 10-year-old with $10,000 for finding Instagram security flaw

Share this story

Justin Sullivan/Getty Images

Earlier this year, a 10-year-old — who is not even old enough to sign up on Facebook — impressed Mark Zuckerberg by hacking Instagram, the photo-sharing application owned by Facebook. The Helsinki-based boy genius, called Jani, received $10,000 from Facebook for identifying a security bug, Forbes reported.

Jani uncovered a flaw that allowed him to delete any written content on the social media platform by altering the code. "I would have been able to eliminate anyone, even Justin Bieber," the wunderkind told Finnish publication Iltalehti.

An aspiring security expert, Jani sent his discovery to Facebook via email. He verified his report by deleting a comment the company posted on a test account, a spokesperson told Forbes. The bug was resolved at the end of February. In March, the tech giant informed Jani of the fix and gave him his monetary reward.

Facebook's youngest white hat hacker

Jani plans to use the reward to buy a new bike, football gear, and new computers for his brothers, he said in the interview with Iltalehti. He ousted a 13-year-old to become the youngest ever recipient of Facebook's bug bounty program, which offers rewards to people who identify and report legitimate security risks.

Since it launched in 2011, Facebook's bug bounty has awarded over $4.3 million to more than 800 researchers. The program determines the payout based on a bug's risk, rather than how complex it may be. In 2015 alone, 210 researchers received $936,000 with an average payout of $1,780.


Facebook is building a new way to connect to the internet