Instagram App Bug Could've Given Hackers Remote Access to Your Phone
By MYBRANDBOOK
There is a critical vulnerability in Instagram's Android app that could have allowed remote attackers to take control over a targeted device just by sending victims a specially crafted image, as per Check Point Research. The concern is on , that the flaw not only lets attackers perform actions on behalf of the user within the Instagram app-including spying on victim's private messages and even deleting or posting photos from their accounts-but also execute arbitrary code on the device.
The bug in question lay in Instagram’s open source JPEG image decoder, Mozjpeg. To carry out this remote hack, attackers simply sent Instagram users a JPEG image file. If unsuspecting users downloaded the file and open the Instagram app again, the remote access tool (RAT) malware come into effect, and attackers could remotely escalate their privilege on the compromised device based on all the device permissions that Instagram has on it. For the app to function, Instagram typically takes access for camera, user location, microphone, storage and more, all of which are believed to have been vulnerable to the flaw.
According to Check Point, once an account was compromised, the user’s Instagram app would keep crashing, until the app would be uninstalled with a full data erase, and restored. Giving the critical nature of the flaw, Facebook is said to have urgently issued a flaw for this bug about six months ago. The flaw affected both the Android and iOS apps of Instagram, and was detected when Check Point researchers were exploring potential vulnerabilities in Instagram’s third party project integrations – of which Mozjpeg was one of them.
Flaws such as these are increasingly common, particularly with an increasing frequency of cyber attacks across all services. Recently, in light of increasing vulnerability disclosures, WhatsApp introduced a security disclosures page, where it will lay down key flaws that have been patched by them in the past. Given that Facebook, WhatsApp and Instagram work with similar principles, it remains to be seen if Instagram’s hierarchy decides to introduce a similar disclosure page as well.
Happiest Minds brings in an innovative GenAI chatbot
Happiest Minds Technologies has announced the new GenAI chatbot - ‘hAPPI...
Government mandates encryption for CCTV cameras to ensure netw
In the wake of issuing an internal advisory on securing CCTV cameras at g...
TRAI recommends allowing only Indian entities to participate i
The Telecom Regulatory Authority of India (TRAI) has recommended that onl...
Galaxy AI is available on more devices with Samsung One UI 6.1
Samsung has expanded the range of smartphones to which One UI 6.1 and Gala...
LENOVO GROUP LTD.
CENTRE FOR DEVELOPMENT OF TELEMATICS
ZOHO CORPORATION PVT. LTD.
TATA CONSULTANCY SERVICES
Technology Icons Of India 2023: Rishad Premji
Rishad Premji is the son of the Wipro head Azim Premji and was named a...
Technology Icons Of India 2023: Nikhil Rathi
Nikhil Rathi, Co-founder & CEO of Web Werks, a global leader in Data C...
Technology Icons Of India 2023: Honorary Prof. N. Balakrishnan
Prof. N. Balakrishnan is an Indian aerospace and computer scientist. H...
C-DOT enabling India in indigenous design, development and production of telecom technologies
An autonomous telecom R&D centre of Government of India, Center of Dev...
GSTN aims to integrate indirect tax ecosystem on a shared IT infrastructure
Goods and Services Tax Network (GSTN) has built Indirect Taxation plat...
HPCL is transforming the energy landscape, across the nation and beyond
HPCL is world-class energy company known for caring and delighting the...
SONATA INFORMATION TECHNOLOGY LIMITED
Sonata Software Limited is a leading Modernization engineering company...
INGRAM MICRO INDIA PVT. LTD.
Ingram Micro India, a large national distributor offers a comprehensiv...
ADITYA INFOTECH LTD.
Aditya Infotech Ltd. (AIL) – the technology arm of Aditya Group, is ...