Security researcher Carlos Reventlov recently found that the Instagram app for iOS contains vulnerabilities that could allow an attacker to take over a victim's account.
"Here’s how the exploit works. As a matter of course, Instagram encrypts many sensitive activities when they are sent to Instagram’s servers, but other data is not encrypted, but instead sent in plain-text," writes Cult of Mac's John Brownlee. "One of these is a cookie that is sent the second the app is started up, and it’s this cookie that allows hackers to compromise your Instagram account, theoretically taking full control over it."
"A second risk that Reventlov shared with Instagram makes iPhones susceptible to eavesdropping and man-in-the-middle (MiTM) attacks that could enable an attacker to delete photos and download data off a victim's device," writes Sophos' Lisa Vaas. "As it now stands, Instagram communicates with the Instagram API via HTTP and HTTPS connections. Whereas sensitive activities, such as login and editing profile data, are sent through a secure channel, other requests are sent through plain HTTP without a signature."
"For the exploit to work, however, both the hacker and the legitimate Instagram user must be connected on the same LAN," notes SlashGear's Chris Davies. "That’s obviously not going to be the case if the Instagramer is using their mobile data connection, but if they’re on the same Wi-Fi hotspot then it leaves them potentially susceptible."
"The fix for Instagram is easy: the site should use always use HTTPS for API requests that have sensitive data, Reventlov wrote," writes Computerworld's Jeremy Kirk.
"Reventlov first discovered the vulnerability in the middle of November and quickly sent in notice to Instagram on November 11th, suggesting a fix," writes IntoMobile's George Tinari. "It still has not been fixed."