A recently found flaw allows hackers to fully access user Instagram accounts
Hackers are targeting Instagram user accounts by exploiting certain flaws in the application.
Instagram is one of the most widely used social media platform and has a very huge user base. People generally share a lot of their personal and sensitive information on Instagram which makes the security a prime concern.
In a recent research, a new flaw of Instagram has come up allowing hackers to take over user accounts and access/edit their messages, images, posts, followers list, and everything else that would be a part of the account.
The vulnerability could be exploited through a simple malicious image that an attacker would send to a victim via any channel, be it the Instagram app itself, email, Whatsapp, or Facebook. Once the user saved the image and then afterward opened the Instagram app would lead to compromising of the account.
The attack can be termed as a Remote Code Execution (RCE) attack it would even allow the attackers to perform functions not inherently available to users on Instagram.
The source of the vulnerability lay in the use of a third-party JPEG image decoder named Mozjpeg which is also open source. Currently, the researchers have informed both Facebook and Instagram who have already released a patch as expected.
NPAV recommends users to keep an eye out for phishing campaigns circulating images. These images can be used by hackers to target and gain control of user's Instagram account. Hackers can then steal various information and data that a user has shared over Instagram.
Install NPAV on your devices to protect them from all kinds of cyber attacks. Use NPAV and join us on a mission to secure the cyber world.
- Other (42)
- Ransomware (123)
- Events and News (26)
- Features (44)
- Security (422)
- Tips (79)
- Google (22)
- Achievements (8)
- Products (33)
- Activation (7)
- Dealers (1)
- Bank Phishing (42)
- Malware Alerts (187)
- Cyber Attack (219)
- Data Backup (11)
- Data Breach (75)
- Phishing (138)
- Securty Tips (1)
- Browser Hijack (16)
- Adware (15)
- Email And Password (67)
- Android Security (55)
- Knoweldgebase (38)
- Botnet (15)
- Updates (3)
- Alert (70)
- Hacking (57)
- Social Media (7)
- vulnerability (53)
- Hacker (31)
- Spyware (8)
- Windows (6)
- Microsoft (21)
- Uber (1)
- YouTube (1)
- Trojan (2)
- Website hacks (3)
- Paytm (1)
- Credit card scam (1)
- Telegram (3)
- RAT (5)
- Bug (3)
- Twitter (2)
- Facebook (7)
- Banking Trojan (5)
- Mozilla (2)
- COVID-19 (5)
- Instagram (2)
- NPAV Announcement (5)
- IoT Security (1)
- Deals and Offers (1)
- Cloud Security (8)
- Offers (5)
- Gaming (1)
- FireFox (2)
- LinkedIn (2)
- WhatsApp (4)
- Amazon (1)
- DMart (1)
- Payment Risk (4)
- Occasion (2)
- firewall (1)
- Cloud malware (2)
- Cloud storage (2)
- Financial fraud (4)
- Impersonation phishing (1)
- DDoS (4)
- Smishing (2)
- Whale (0)
- Whale phishing (3)
- WINRAR (2)
- ZIP (2)