Wednesday, 11 May 2016

Facebook Pays $10,000 to 10-year-old Instagram Hacker

Instagram

Youngest Recipient of Facebook’s `Bug Bounty’


A 10-year old Finnish boy has been rewarded a sum of $10,000 by social media giant Facebook for locating a malfunction in its picture sharing app Instagram. The last name of Jani has not been revealed for privacy reason who is the youngest ever recipient of Facebook’s `bug bounty’ paid to users who tend to find bugs or flaws in its platforms. Jani had informed Finland’s Iltalehti newspaper that he wanted to see if Instagram’s comment field could stand malicious code and it turned out that it could not.

Facebook stated that the malfunction had been fixed in February and the reward had been paid in March. Jani who is yet too young to have a Facebook or Instagram account of his own, informed that he learned coding from Youtube videos and identified a way to delete user comments from Instagram accounts. He informed Iltalehti that he could have deleted anybody’s comment from there. He stated that he was thinking about a career in data security though for the moment his plans comprise of buying a new bike and a football with the reward money.

Not Unusual for Teenagers to Submit Reports to Program


Since 2011, Facebook has been running its `bug bounty program, which had been rewarding hackers when they report problems of tech and security. Since its launch, Facebook’s bug bounty had awarded over $4.3 million to more than 800 researchers across the world where the program tends to determine the pay-out based on the risk of the bug instead of how complex it could be. In 2015 alone, 210 researchers had received $936,000 with an average pay-out of $1,780.

A Facebook spokesperson informed CNNMoney that it is not unusual for teenagers to submit reports to the program. Several tech companies tend to offer similar programs to hackers who seem to report cyber-security susceptibilities. Uber had recently started offering $10,000 rewards for every critical problem which were identified by the hackers. AT&T payments range from $100 to $5,000, while Google tends to pay between $100 to $20,000.The Finnish boy has become the youngest recipient of cash from Facebook for hacking its products.

Created Test Instagram Account


The earlier record had been set by a 13 year old way back in 2013 which means that his latest young hacker is the first person to crash a Facebook product which are not technically even able to utilise considering that it is supposed to be limited to below 13s. The company had informed Forbes that while poking around where he should not have been, Jani found that he could change code on Instagram’s server and force deletes the posts of users.

This had been confirmed by Facebook utilising a test account and had patched it in February. It is not clear how Jani had identified the vulnerability. Iltalehti had reported that Jani together with his brother had a habit of watching videos regarding computer security on YouTube. The bug was a problem with Instagram’s application program interface of API, on how the app tends to communicate with the server.


If one has to erase a remark from Instagram, the API seems to check that you have the authority to delete the comment. After Jani had informed Facebook regarding the problem, the company had created a test Instagram account and had posted a comment. Facebook had then asked him to go ahead and delete the comment.

No comments:

Post a comment

Note: only a member of this blog may post a comment.