Facebook’s youngest whitehat hacker is now a 10 year old from Finland. Known only as Jani, the boy discovered an exploit in Intsagram that lets you delete any comment whether or not you were the one who posted it. Apparently, Jani deleted a comment that Facebook posted on a test account created by the company on the popular photo sharing app, in order to confirm that the vulnerability was real. In turn, Facebook chose to reward the 10 year old hacker with $10,000, as part of its bug bounty program.
Facebook created their bug bounty program back in 2011, to offer cash reward incentives to anyone capable of finding, reporting and confirming vulnerabilities to the company. Since its launch, the program which is currently still ongoing, has gifted different bug-discovering individuals over $4.3 million in cash rewards. Particularly in 2015, the company’s program paid out as much as $936,000 to 210 researchers with $1,780 being the average amount paid out.
In a comment made to the Iltalehti Finnish publication, Jani claims that he would have been able to get rid of anyone, even Justin Bieber, which means the vulnerability was a pretty major one. In terms of where the vulnerability came from, Facebook stated that it surfaced from a private application programming interface that failed to verify if a user deleting a comment was the same user who posted it.
What is interesting is that Jani was able to discover the bug in one of the world’s largest media sharing app, thanks to skills he gained from simply watching YouTube videos. Perhaps this will also come in handy in making his dreams of being security expert in the future, a reality. As for what the boy plans to do with the money, he revealed that he looks forward to purchasing a new bicycle as well as football equipment.
What are your thoughts on Facebook’s youngest whitehat hacker? Let us know in the comments.