• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • January 22nd, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Security

iPhone Instagram users are vulnerable to hackers [Expert Report]

December 3rd, 2012 Waqas Security 2 comments
iPhone Instagram users are vulnerable to hackers [Expert Report]
Share on FacebookShare on Twitter

An internet security expert, who goes by the name of Carlos Reventlov has found a vulnerability on Instagram app for iPhone and iPod touch. The vulnerability allows hackers to illegally access the user account and make changes against its will, for example: changing and deleting of uploaded pictures.

The vulnerability was found on 11th November 2012 and Instagram authorities were informed but yet haven’t been fixed.

The Instagram app communicates with the Instagram API via HTTP and HTTPs connections.

During a test on two separate iPhone 4 units, both running iOS 6, Reventlov discovered that, login into Instagram profile, editing and uploading an image are done through secure channel, while, few other permissions are sent through plain HTTP without any security interruption, such permissions can be highly dangerous for the user and can allow hacker connected to the same LAN of the victim’s iPhone, to get in the user profile.

He added that:

“I’ve found that many iPhone apps are vulnerable to such things but not too many are high-profile apps like Instagram,” Reventlov added. He says that the fix for Instagram is rather easy. For API calls that utilize sensitive information, simply use HTTPS, or Hypertext Transfer Protocol Secure.

Proof of concept is available on Reventlov’s blog. 

[via Computerworld]
Follow @HackRead

  • Tags
  • Carlos Reventlov
  • hack
  • Hacking expertise
  • Instagram
  • iOS 6
  • iPad
  • iPhone
  • iPod Touch hacks
Facebook Twitter LinkedIn Pinterest
Previous article 32 Hungarian Website Defaced by Teamr00t, Sends message to NATO
Next article Former US Spy Chief: Get Ready for 'Cyber 9/11
Waqas

Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related Posts
Gamarue malware found in UK Govt-funded laptops for homeschoolers

Gamarue malware found in UK Govt-funded laptops for homeschoolers

Shazam Vulnerability exposed location of Android, iOS users

Shazam Vulnerability exposed location of Android, iOS users

Ongoing 'FreakOut' malware attack turns Linux devices into IRC botnet

Ongoing 'FreakOut' malware attack turns Linux devices into IRC botnet

2 Comments
  1. Paddy Mulcahy
    December 15, 2012 at 2:31 am

    Any way of protecting ourselves?

    1. Hack Read
      December 15, 2012 at 8:00 pm

      Paddy, the problem is that Instagram was already reported by the IT Expert almost month ago, yet they didn’t took any measure to remove this vulnerability. So for now, just be careful and keep changing your password every now and then. I will update the readers as soon Instagram updates its security.

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
Massive privacy risk as hacker sold 2 million MyFreeCams user records
Cyber Crime

Massive privacy risk as hacker sold 2 million MyFreeCams user records

19
Gamarue malware found in UK Govt-funded laptops for homeschoolers
Security

Gamarue malware found in UK Govt-funded laptops for homeschoolers

37
Shazam Vulnerability exposed location of Android, iOS users
Security

Shazam Vulnerability exposed location of Android, iOS users

357

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us