Instagram iOS Vulnerabiltiy Could Let Hackers Delete Your Photos

Advertisement

Instagram may have come to Android earlier this year, but the popular photo app got its start and made a name for itself on iOS devices. Unfortunately for those iOS users, though, it turns out the app has a security hole that has the potential to let an attacker take some control over your Instagram account, including the ability to delete your pics.

The problem has to do with how the app authenticates itself with Instagram’s servers. While some actions require an encrypted connection, rendering them secure, other times the app uses an unencrypted cookie to confirm your account info with the company’s servers. That means that if you’re on an unsecured or untrusted connection, like an open WiFi access point, whoever controls that AP has the capability to sniff your traffic and grab that cookie.

Using that captured cookie, an attacker can connect to the Instagram website to access the victim’s account. By changing the email affiliated with the profile, an attacker can essentially lock users out of their own accounts.

The researcher who discovered this vulnerability contacted Instagram last month, but the company has yet to release an update to close the hole. There’s no word if a similar attack is possible for Android.

Source: Reventlov
Via: IntoMobile

Advertisement

What's your reaction?
Love It
0%
Like It
0%
Want It
0%
Had It
0%
Hated It
0%
About The Author
Stephen Schenck
Stephen has been writing about electronics since 2008, which only serves to frustrate him that he waited so long to combine his love of gadgets and his degree in writing. In his spare time, he collects console and arcade game hardware, is a motorcycle enthusiast, and enjoys trapping blue crabs. Stephen's first mobile device was a 624 MHz Dell Axim X30, which he's convinced is still a viable platform. Stephen longs for a market where phones are sold independently of service, and bandwidth is cheap and plentiful; he's not holding his breath. In the meantime, he devours smartphone news and tries to sort out the juicy bitsRead more about Stephen Schenck!