A Finnish boy was awarded $10,000 from Facebook after finding a flaw on its Instagram app that allowed him to delete any given comment on the social network.
The Washington Post reported that Jani, 10, whose last name was not released at his parents' request, informed Facebook and the company patched the problem in February.
The Facebook award, part of its Bug Bounty program, was actually given to Jani's parents. In total, the Bug Bounty program has paid out $4.3 million to 800 people since it was started in 2011.
"If you believe you have found a security vulnerability on Facebook, we encourage you to let us know right away,"
Facebook states on the program page. "We will investigate all legitimate reports and do our best to quickly fix the problem."
Facebook lists several qualifying products or acquisitions eligible for the Bug Bounty program, including Instagram, Internet.org/Free Basics, Moves, Oculus, Onavo, Open source projects by Facebook/Parse, and Parse.
The boy, from Helsinki, told the Finnish news site Iltalehti that he began sharpening his software security skills via YouTube, according to
VentureBeat.
"I would have been able to remove anyone, even Justin Bieber," Jani explained.
"Jani is the youngest person to be paid through Facebook's bug bounty program, to date," wrote VentureBeat. "While this is an impressive achievement, it's worth noting that it's not exactly new. Facebook gets reports from teenagers from time to time, and notes that it is not uncommon across the industry. The last youngest person to be paid a Facebook bug bounty was 13."
The boy said that he used the Facebook award to buy computers for his brothers, along with a new bike and football gear. Jani said that he would like to work as a security researcher in the future.
"It would be my dream job," the boy said. "Security is very important."
Facebook purchased Instagram in 2012 for $1 billion, which at the time was Facebook's largest acquisition to date,
according to The New York Times.
© 2025 Newsmax. All rights reserved.