Facebook/Instagram Gave $10,000 To A 10-Year Old Boy – It Can Happen To You Too!

By Joe Nichols | May 05, 2016 12:35 AM EDT

TEXT SIZE    

A 10-year old boy from Finland disobeyed the rule that only those who are 13-year olds and above can have an account with Instagram. His disobedience later earned him $10,000 from Facebook when he revealed a flaw in Instagram's photo-sharing application.

Jani, the 10-year old boy from Helsinki found out that he could erase any written content on Instagram by altering code on its servers. Facebook reported to Forbes Magazine that the boy proved this can be done by deleting a company comment posted on a test account.

A spokesperson for the social media company added that the issue originated from a private application program interface which did not properly check if the person deleting the comment was the same person who posted it.

"I tested whether the comments section of Instagram can handle harmful code," said Jani to Italehti, a newspaper in Helsinki.

"Turns out it can't. I noticed that I can delete other people's comments from there. I could have deleted anyone's - like Justin Bieber's for example," Jani added.

The security flaw permitted the boy to delete comments and descriptions linked to Instagram photos by inserting malicious code inside the comment field.

Jani's parents refused to give his give his last name for their child's safety.

The Instagram photo-sharing app security flaw was revealed through the bug bounty program of the social media giant. After the boy proved that he was able to delete the comment from a test account, Facebook awarded the boy with his $10,000 bounty and a company team dutifully fixed the site's vulnerability.

The social media company gives a minimum of $500 for every valid disclosure. This amount increases based on the severity of the flaw. The boy's bug was regarded as impressive enough to qualify for the company's highest amount and led to his hefty reward.

pre post  |  next post
More Sections