Explorer

Instagram Fixes Critical Vulnerability; Know How Devices Can Be Hacked By Sending Malicious Photos

An attack can be launched even when such a malicious image is sent via email or WhatsApp and then saved on a victim's device.

New Delhi: Facebook has fixed a critical fault on Instagram that can help an attacker take over a user's Instagram account, and turn their phone into a spying tool, by simply sending them a malicious image file. ALSO READ | Here's Why PUBG Ban Is Unlikely To Be Revoked Soon Despite China's Tencent Being Removed From India Ops When a malicious image is saved and opened in the Instagram app, the hacker can gain full access to the victim's Instagram messages and images, which also lets them post or delete images. According to cybersecurity researchers at Check Point, the vulnerability gives access to victim's phone contacts, camera and location data. An attack can be launched even when such an image is sent via email or WhatsApp and then saved on a victim's device.
The researchers informed that it is remote code execution (RCE) which allows an attacker to hack into a computer or a server by running arbitrary malicious software (malware). "This vulnerability can allow an attacker to perform any action they wish in the Instagram app. Since the Instagram app has very extensive permissions, this may allow an attacker to instantly turn the targeted phone into a perfect spying tool – putting the privacy of millions of users at serious risk," the cybersecurity firm revealed in a blog post. ALSO READ | Jio Launches In-Flight Mobile Connectivity Service For 'Postpaid Plus' Users; Partners With Aeromobile "The vulnerability we found was in the way that Instagram used Mozjpeg– an open-source project used by Instagram as its JPEG format image decoder for images uploaded to the service," the researchers explained. The company reported its findings to Facebook and the Instagram team. Facebook has called the vulnerability an "Integer Overflow leading to Heap Buffer Overflow" and issued a patch to fix the issue on the newer versions of the Instagram application. "The patch for this vulnerability has already been available for 6 months prior to this publication, giving time to the majority of users to update their Instagram applications, thus mitigating the risk of this vulnerability being exploited," the researchers informed. "We strongly encourage all Instagram users to ensure they are using the latest Instagram app version and to update if any new version is available". Instagram is among the most popular social media apps globally, with more than 100 million photos being uploaded every day, and nearly 1 billion monthly active users. The issue within Instagram may be fixed, but it is strongly adviced that users don't download images from anonymous or unknown sources as the attack can be launched through other platforms as well.
View More
Advertisement
Advertisement
25°C
New Delhi
Rain: 100mm
Humidity: 97%
Wind: WNW 47km/h
See Today's Weather
powered by
Accu Weather
Advertisement

Top Headlines

Mumbai Airport Gets Fresh Bomb Threat, Caller Says 'Mohammad Is Travelling With Bombs'
Mumbai Airport Gets Fresh Bomb Threat, Caller Says 'Mohammad Is Travelling With Bombs'
Fresh Warrant Issued Against Sadhvi Pragya Over Malegaon Blast Case
Fresh Warrant Issued Against Sadhvi Pragya Over Malegaon Blast Case
Delhi Air Quality Continues To Be In 'Severe' As Dense Fog Wraps City
Delhi Air Quality Continues To Be In 'Severe' As Dense Fog Wraps City
Who Is Tulsi Gabbard? First-Ever Hindu Congresswoman Picked As Intelligence Chief By Trump
Who Is Tulsi Gabbard? First-Ever Hindu Congresswoman Picked As Intelligence Chief By Trump
Advertisement
ABP Premium

Videos

Nirmala Sitharaman Announces Game-Changing Collateral-Free Loan Scheme for MSMEsSIP Emerges as a Safe Investment Amidst Market Fluctuations | Paisa LiveTop Banks Offering 8.75% Interest for Senior Citizens: Here’s What You Need to Know!RBI Set to Make a Big Decision on Your EMI: What You Need to Know!

Photo Gallery

Embed widget