Major problem with Instagram: how you became a safe victim in front of hackers

Might this go away Bidenre Trump?

One in every of Iran's foremost nuclear scientists, Mohsen Farizade, was killed in his automotive final Friday. A senior US authorities official stated...

not in Venezuela and sure in Ghana

As a "impartial observer with full assure", the European Union (EU) deploys its Electoral Commentary Missions (EOM) around the globe, which is not going...

US urges Bulgaria to desert building of Belene nuclear energy plant close to Romania

Belene is situated close to the Danube, at an equal distance between Zimnicea and Turnu Măgurele. This system has been suspended a number of...

The destiny of a post-Brexit settlement within the arms of Boris Johnson and Ursula von der Leyen. The 2 meet at this time

Either side, who say they nonetheless wish to attain an settlement, hope {that a} dialogue between the 2 officers can unblock the stalemate....

Russia began vaccinating the inhabitants with its personal corona vaccine

Russia began on a comparatively small scale with the vaccination program in opposition to the corona virus on Saturday. Vaccination facilities have been...

In a report, Check Point researchers revealed details of a critical vulnerability in the Android app for Instagram. It would have allowed the attackers to take remote control over a targeted device just by sending a specially created image to the victims’ phones.

The problem not only allows hackers to perform actions on behalf of the user within the Instagram application, including spying on the victim’s private messages and even deleting or posting photos from their accounts, but can even execute code on the device.

The Instagram issue has been kept secret

right a message posted by Facebook, the security issue affects all versions of Instagram before 128.0.0.26.128. “This vulnerability makes the device a tool to spy on targeted users without their knowledge, and allows malicious manipulation of their Instagram profile,” Check Point Research said in their analysis. “In both cases, the attack could lead to a massive invasion of user privacy and damage its reputation, or it could lead to even more serious security risks.”

After the findings were reported on Facebook, the company addressed the issue with an update released six months ago.

The disclosure has been delayed all this time to allow most Instagram users to update the app, thus reducing the risk that this vulnerability may introduce.

Hackers could access your phone applications

Conform Check Point, memory corruption vulnerability allows remote code execution that, given Instagram’s extensive permissions to access a user’s camera, contacts, GPS, photo gallery, and microphone, could be leveraged to perform any malicious action on infected device.

As for the error itself, it comes from the way Instagram integrated MozJPEG, causing an overload when the function in question tries to analyze a malicious image with specially created dimensions.

The consequence of such a vulnerability is that all a potentially malicious actor has to do is send a corrupt JPEG image to a victim via email or WhatsApp.

Once the recipient saves the image on the device and launches Instagram, the exploitation takes place automatically, giving the attacker full control over the application.

Although Facebook has confirmed that there were no signs that this bug has been exploited globally, the incident is a good reminder of the importance of constantly updating applications and taking into account the permissions you grant them.

trending

Related Articles