10-year-old gets $10,000 bounty for finding Instagram vulnerability

(credit: Instagram)

A 10-year-old schoolboy from Finland has become the youngest recipient of a £7,000 ($10,000) award under Facebook’s bug bounty program, after he found a vulnerability that allowed anyone to delete comments on Instagram simply by planting malicious code into the photo-sharing app.

Jani—who at the tender age of 10 is considered too young to use Facebook by the company’s own rules—outshines an unnamed 13-year-old cyber enthusiast, who once held the title of the youngest person to receive a bug bounty reward from the free content ad network.

In fact, the Finnish kid might well be the youngest publicly acknowledged bounty hunter—a title that appeared to have been previously held by Alex Miller from California, who received £2,000 from Mozilla back in 2010 at the age of 12.

Read 6 remaining paragraphs | Comments