What you need to know
- Facebook has patched a major security flaw on Instagram.
- Check Point Security discovered a flaw that would let hackers take over your smartphone using malicious code buried in a photo.
- Fortunately, no one seems to have been affected by the exploit.
Facebook says it has patched a security issue within Instagram that would have allowed hackers to take control of a smartphone by simply sending a user a photo carrying malicious code.
Cybersecurity researchers uncovered an Instagram vulnerability that would have enabled hackers to take over someone's smartphone and use it to spy on them by merely sending an image loaded with malicious code.
The vulnerability was uncovered by Check Point Security in April, the firm announced this week. It has since been patched by Facebook, the company said in an advisory, meaning anyone with the latest version of the Instagram app is immune to the attack.
The vulnerability was reportedly very easy to exploit, and could have granted any potential hacker a "wide range of permissions". The execution was also quite simple:
The attack begins when a hacker sends an image loaded with malicious code to a target via email or through a messaging app like WhatsApp.
If the target were to save the image to their phone and subsequently open Instagram, the hacker would gain full access to the user's Instagram account, as well as whatever functionalities Instagram can access, including the phone's microphone and camera.
Check Point's Yaniv Balmas warned people to "take the time" curating permissions that apps have on their devices and that whilst it may seem like a burden, it was one of the "strongest lines of defense" everyone has to protect against mobile cyber-attacks.
Facebook has patched the issue and says it was not aware of anyone abusing the exploit.
This new Stillwater trailer is heartwarming and wholesome
Apple TV+ has a new show coming and it includes a talking panda. What more need you know?
Review: Anda Seat's Dark Demon is a gamer's dream
Anda Seat's Dark Demon gaming chair is a rugged, durable gaming chair perfect for intense gaming.
DEVONthink 3.6 adds Big Sur support and workflow improvements
DEVONthink 3.6 takes the already great app and gets it ready for macOS Big Sur and more.
Bring the smarts to the great outdoors with these HomeKit outdoor plugs
Have an epic holiday light display that you always forget to turn on? Let automation and Siri handle it for you with the best HomeKit outdoor smart plugs.