Endangered more than a billion users: Investigators from the Israeli cyber company Check Point identified a security vulnerability in the social network that makes it possible to take over the mobile phone • All the details
Photo: Yinon Ben-Shoshan
A serious security breach in one of the most popular social networks in the world:
The Israeli cyber security company Check Point announced today (Thursday) that it has located a breach on Instagram, with more than a billion users, that could lead to remote control of the app and smartphone.
"The device becomes a spyware tool for anything and everything, in a way that makes accessible to all the information found on the device and its various capabilities," the security company wrote.
The weakness was detected in the image processing mechanism of the popular platform, and allowed the attacker to take control of the app as well as obtain the location of the victim, contact information, camera activation and more.
The vulnerability existed in the code of one of the libraries used by Instagram - Mozjpeg - which allows uploading photos to the app.
The takeover was carried out in the following way: The attacker sends an image containing malicious code to the victim via email, WhatsApp, SMS or any other communication platform.
Then, the image is saved on the smartphone automatically or manually (automatic options can be for example the default setting for downloading WhatsApp photos), and the victim opens the Instagram app for normal use and thus initializes the exploitation of the weakness, in a way that allows taking over the device.
The control over the victim's Instagram and the device on which it is stored due to the weakness is extensive, due to the fact that the app asks for many permissions on the device on which it is stored, and allows the attacker to access many capabilities of the mobile device - from victim location and camera activation. Stored on the device.
Also, exploiting the vulnerability makes it possible to crash the app and disable it until it is deleted from the device.
Check Point researchers updated Facebook on the vulnerability in February and the company dealt with the issue quickly, using a security update designed to block the vulnerability in updated versions of Instagram.
Due to the fact that this is a serious weakness in a popular app, and that it is a non-automatic update and requires users to download it, Check Point waited 6 months with the publication to reduce the potential risk posed by the weakness.
"Popular applications are considered 'gold targets' for large countries and attacking entities, as they contain a great deal of personal information about them, as well as a particularly long series of permissions and accessibility on the device on which they are installed," said Yaniv Belmes, director of cyber research at Check Point.
In this respect, weakness in such an application constitutes an opening for a particularly dangerous attack.
We call on all Instagram users to make sure they are using an updated version of the app. "