Instagram was vulnerable to malicious image attack

Posted on Friday, September 25 2020 @ 10:09 CEST by Thomas De Maesschalck
Instagram logo
Check Point security researchers announce they discovered a dangerous bug on Instagram that would have allowed an attacker to take over your phone. The attack worked by crafting a malicious image file and tricking the user into opening it with Instagram. This triggered an "Integer Overflow leading to Heap Buffer Overflow" and could give the attacker full access to your phone:
Earlier this year, Check Point researchers found a critical vulnerability in the Instagram app that would have given an attacker the ability to take over a victim’s Instagram account, and turn their phone into a spying tool, simply by sending them a malicious image file. When the image is saved and opened in the Instagram app, the exploit would give the hacker full access to the victim’s Instagram messages and images, allowing them to post or delete images at will, as well as giving access to the phone’s contacts, camera and location data.
Technical details about the exploit can be read over here. There is no need to wory though as the bug seems hard to exploit and was reported to Facebook earlier this year. The company rolled out a patch on February 10, 2020 so if your mobile device regularly updates itself you should be safe from this exploit.

About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.

Loading Comments