Hackers use remote execution Bugs to use an image file and have access to all your post, Instagram messages and are also able to track your phone location
Instagram very popular app among youngsters had a major bug that allows a hacker to get full access to insta account remotely. With this loophole, hackers can access accounts, manipulate Instagram posts, and do everything they can do from the Instagram account. The worse thing is that with the help of this bug hackers can have full access to your contact list, the camera of your phone, and Location information. Hopefully, researchers of checkpoint found this bug and reported it to Facebook in starting of this year then they did some patches urgently.
Mozjpeg, Instagram‘s open-source JPEG image decoder, the question of this bug lay in it. In this remote hack, the User will receive a JPEG image file, If the user downloads this file without a doubt and then open their Instagram account then the remote access tool (RAT) malware comes into action, now hackers can able to access that user device remotely because Instagram had all device permissions at the time of user had installed application.
The permission that asks Instagram for the proper functioning of the app at the time of installation
- access for camera
- user location
- microphone
- storage
Above all and many others of which are affected by this bug.
When an Instagram user account is hacked, it will crash the app constantly till the user uninstall it fully with data erase after that they will be able to restore it. By knowing the seriousness of this bug, Facebook immediately issued a flaw for the bug six months ago. This affected both android and ioS apps of the Instagram application. At the time of Instagram’s third-party integration Mojpeg was one of the third-party checkpoints, researchers detected when they researched potential vulnerabilities.
This type of cyber attack generally increasing. Mainly it attacks services frequently. Recently, this type of attack news comes to light.
Security disclosures page introduced by WhatsApp where they described flaws of their app which were found and fix them in the past. As we see Facebook, Instagram, WhatsApp working process is similar, Now the question is when Instagram will publish this type of similar disclosure page
