Instagram App Bug Could've Given Hackers Remote Access to Your Phone
By MYBRANDBOOK
There is a critical vulnerability in Instagram's Android app that could have allowed remote attackers to take control over a targeted device just by sending victims a specially crafted image, as per Check Point Research. The concern is on , that the flaw not only lets attackers perform actions on behalf of the user within the Instagram app-including spying on victim's private messages and even deleting or posting photos from their accounts-but also execute arbitrary code on the device.
The bug in question lay in Instagram’s open source JPEG image decoder, Mozjpeg. To carry out this remote hack, attackers simply sent Instagram users a JPEG image file. If unsuspecting users downloaded the file and open the Instagram app again, the remote access tool (RAT) malware come into effect, and attackers could remotely escalate their privilege on the compromised device based on all the device permissions that Instagram has on it. For the app to function, Instagram typically takes access for camera, user location, microphone, storage and more, all of which are believed to have been vulnerable to the flaw.
According to Check Point, once an account was compromised, the user’s Instagram app would keep crashing, until the app would be uninstalled with a full data erase, and restored. Giving the critical nature of the flaw, Facebook is said to have urgently issued a flaw for this bug about six months ago. The flaw affected both the Android and iOS apps of Instagram, and was detected when Check Point researchers were exploring potential vulnerabilities in Instagram’s third party project integrations – of which Mozjpeg was one of them.
Flaws such as these are increasingly common, particularly with an increasing frequency of cyber attacks across all services. Recently, in light of increasing vulnerability disclosures, WhatsApp introduced a security disclosures page, where it will lay down key flaws that have been patched by them in the past. Given that Facebook, WhatsApp and Instagram work with similar principles, it remains to be seen if Instagram’s hierarchy decides to introduce a similar disclosure page as well.
Singapore to remove One-Time Passwords from Bank Accounts
According to the Monetary Authority of Singapore, clients who utilise secur...
Is 375 million Airtel subscribers database breached?
When a hacker claims to have accessed and put up for sale a customer databa...
The government of India intends to construct a single portal f
A single portal will be launched by the Indian government to list all of it...
OpenAI offers GPT-4o, a faster model available to all users at
GPT-4o, a faster and more sophisticated AI model, is made available to all...
LAVA INTERNATIONAL LTD.
HIMACHAL FUTURISTIC COMMUNICATIONS LTD.
DATA SAFEGUARD INDIA PRIVATE LIMITED
FRESHWORKS TECHNOLOGIES PVT. LTD.
ICONS OF INDIA : SANJAY NAYAR
Sanjay Nayar is a senior finance professional in the Indian private in...
Icons Of India : CP Gurnani
Former Managing Director and CEO of the well-known IT service company ...
Icons Of India : AALOK KUMAR
Aalok Kumar is celebrated as a global leader and recipient of the Peop...
DRDO - Defence Research and Development Organisation
DRDO responsible for the development of technology for use by the mili...
NIC - National Informatics Centre
NIC serves as the primary IT solutions provider for the government of ...
IOCL - Indian Oil Corporation Ltd.
IOCL is India’s largest oil refining and marketing company ...
Indian Tech Talent Excelling The Tech World - AJAY BANGA, President - World Bank
Ajay Banga is an Indian-born American business executive who currently...
Indian Tech Talent Excelling The Tech World - Shantanu Narayen, CEO- Adobe Systems Incorporated
Shantanu Narayen, CEO of Adobe Systems Incorporated, is renowned for h...
Indian Tech Talent Excelling The Tech World - Thomas Kurian, CEO- Google Cloud
Thomas Kurian, the CEO of Google Cloud, has been instrumental in expan...