A 10-year-old boy named Jani, has been rewarded a bug bounty of $10,000 (£6,900) after he hacked Instagram and reported it to the Facebook. This kid Jani, who is not yet old enough to have an Instagram account of his own, claimed that he was able to delete comments and captions on high profile accounts, including that of Justin Bieber.
This is not the first time when Instagram had a critical security flaw. In December 2015, Wesley Wineberg managed to crack his way through Instagram defenses and almost get complete control over the service.
Jani and his twin brother have been discovering security flaws in other websites but this was the first time when they decided to officially alert the social media giant, according to their father. He didn’t actually breach any user information on Instagram’s servers, but demonstrated the hack by deleting comment on a test account. After finding the vulnerability, Jani sent an email to Instagram. Instagram responded that it had fixed the security flaw also rewarded him with $10,000.
In 2015, Facebook reportedly paid out $936,000 to 210 different researchers, out of a grand total of 13,000 submissions. Out of those 102 submissions were considered “high impact.”
Jani and his brother have found a couple of security flaws in other websites in the past, but the Instagram one is their biggest finding to date. The $10,000 is the first monetary reward that either of the boys has received for their findings so far and in a interview Jani had planned to spend the bounty on a new bike and football.
