Instagram bug provide opportunity to the hackers to access users phone

A recent study by CheckPoint shows that the Instagram Android App has a critical problem of hacking the camera and the headphone jack of the smartphones. Due to this issue in the Instagram App, the attackers got a chance to control the whole device by just sending images that are crafted to the users of those smartphones.

According to Facebook, this enhanced security issue affects all the versions of the Instagram App before 128.0.0.26.128 that was released in February 2020. Due to this issue, the smartphones turn into a tool for snooping the users that don’t know anything about it. Bad actors not only hack the phones of the users but also enable hostile variations in the Instagram profiles of the users.

Due to this attack, not only the profile of the users is hacked but also the privacy of the users is breached that affects their reputation on social media and can lead to different serious issues. As this issue was found, Facebook engineers addressed the issue and released the update six months ago. This news was delayed to allow most of the users of Instagram to update their Apps so that they can reduce the problem caused due to the bug.

Still, Facebook claims that this Instagram bug doesn’t affect most of the smartphones throughout the world. But this bug may cause memory corruption that will lead to the execution of remote code that permits Instagram to easily access the camera, microphone, contact, photo gallery, and GPS. So after accessing them, the attackers can do various actions to the defected smartphones.

Due to this malfunction, the adversary can control the size of the memory covered by the specific image, the length of the data that is overwritten. This will in turn provide a chance to the violators to attack different locations and to change the remote code execution. CheckPoint researchers provide various tips to the users, like, updating all the applications and operating systems frequently, monitoring all the applications that are demanding extra permissions, and also checking that on which application they are demanding the permission, and before approving anything take a second to properly read all the instruction given and if the instruction is unsatisfying for you then don’t accept them.

However, there may be chances that various other bugs may be introduced in the future. So for this type of malfunctions the company has to prepare themselves early before any loss as they have to protect the data of many users.


Photo: Esra Hacioglu / Anadolu Agency / Getty Images

Read next: Instagram Might Soon Introduce Group Stories, Advanced Sticker Options In DMs and Much More

No comments:

Post a Comment