Hackers use remote execution Bug to use an image file and have access to all your post, Instagram messages and also able to track your phone location
Instagram very popular app among the youngsters had a major bug that allows a hacker to get full access of insta account remotely. By this loophole, hackers can access of accounts, manipulate Instagram posts and everything they able to do from the Instagram account. The worse thing is that by the help of this bug hackers can have full access of your contact list, the camera of your phone, and Location information. Hopefully, researchers of checkpoint found this bug and reported to Facebook in starting of this year then they did some patch urgently.
Mozjpeg, Instagram‘s open-source JPEG image decoder, the question of this bug lay in it. In this remote hack, User will receive a JPEG image file, If the user downloads this file without a doubt on it and then open their Instagram account then the remote access tool (RAT) malware comes to action, now hackers can able to access that user device remotely because Instagram had all device permissions at time of user had installed application.
The permission that asks Instagram for the proper functioning of app at the time of installation
- access for camera
- user location
Above all and many others of which are affected by this bug.
When an Instagram user account hacked, it will crash the app constantly till the user uninstall it fully with data erase after that they will able to restore it. By knowing the seriousness of this bug, Facebook immediately issued a flaw for the bug six months ago. This affected both android and ioS apps of the Instagram application. At the time of Instagram’s third-party integration in that Mojpeg was one of the third party checkpoint researches detected when they researching potential vulnerabilities.
This type of cyber attack generally increasing. Mainly it attacks services frequently. Recently, these type of attacks news comes in light.
Security disclosures page introduced by WhatsApp where they described flaws of their app which were found and fix them in the past. As we see Facebook, Instagram, WhatsApp working process is similar, Now the question is that when Instagram will publish this type of similar disclosure page