Social networking giant Facebook recently awarded $10,000 to a 10-year-old kid after he successfully discovered a bug hidden deep inside the code of photo-sharing application Instagram. The bug was considered as a major flaw and could have ruined the entire platform if it was exploited by malicious users.
While many were skeptical as to why Facebook would give such a large sum of money for a bug, market analysts estimate that Instagram is currently worth about $56 billion. The platform was acquired by Facebook in 2012 for a record $1 billion, according to Huffington Post.
The 10-year-old kid who discovered the bug was identified as Jani, and he resides in Helsinki, the capital city of Finland. In an interview with Finnish publication Illtalehti, Jani said, "I would have been able to eliminate anyone, even Justin Beiber."
The flaw discovered by Jani allowed him to delete any written content posted or shared on the social media platform. He was able to do this by simply altering a few lines of codes.
Jani aspires to be a security expert when he grows up. When he discovered the Instagram bug, he sent his discovery to Facebook via email. The social networking platform was able to verify his claim after Jani successfully deleted a comment created by a test account.
The bug was patched at the end of February. Jani was informed of the fix in March and subsequently received his monetary reward.
When asked what he plans to do with the money, Jani said that he is planning to buy a new bike, football gear, and new set of computers for his siblings. At 10 years old, Jani ousted the 13-year-old kid who previously hold the record as the youngest ever recipient of Facebook's bug bounty program, a campaign that gives out monetary rewards to who can successfully identify and report legitimate security loopholes.
According to The Verge, Facebook's bug bounty program was launched in 2011, and since then the tech giant has awarded more than $4.3 million worth of rewards to more than 800 security researchers. In 2015 alone, Facebook gave out $936,000 to 210 security researchers, with an average payout of $1,780.