Researchers at Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading global provider of cybersecurity solutions, analyzed the security of Instagram’s mobile application for both Android and iOS and discovered a critical Remote Code Execution (RCE) vulnerability which, if exploited, would let an attacker perform any action within the wide range of permissions the app holds, putting the privacy of millions of users at risk.
The growing place and importance of mobile devices in our lives has brought users mostly positive things, such as keeping in touch with family and loved ones more easily or being able to work from anywhere. However, the vast feature set a smartphone offers also makes cybercriminals’ work easier: by carrying out a successful malicious operation they can not only steal sensitive data and information but also collect users’ location, listen to their conversations and read their messages. The gateway cybercriminals use to reach a device is often an application, because of the broad permissions apps enjoy. Instagram is an example of an application with access to a large amount of personal data (camera, microphone, contacts, location, among others). As a platform widely used globally, with almost one billion monthly active users and more than 100 million photos shared every day, Instagram thus becomes a very attractive target for cybercriminals.
The characteristics of the potential Instagram attack
To exploit this vulnerability, an attacker would simply send an image to the victim via email, WhatsApp or any other platform that allows it. The attack starts when the user saves the image to the device and later opens Instagram, at which point the attacker gains full access to every resource the app is allowed to use: contacts, device storage, location services and the camera. In this scenario the device becomes the perfect spying tool, since malicious actions can be carried out without the target’s knowledge.
Following this discovery, Check Point responsibly disclosed the vulnerability to the Facebook and Instagram team, who classified it as an “Integer Overflow leading to Heap Buffer Overflow” and issued a patch for the latest versions of the application on all operating systems. In this bug class, an arithmetic overflow while computing the size of a buffer from attacker-controlled values (such as image dimensions) makes the application allocate a heap buffer that is smaller than the data later written into it, corrupting adjacent heap memory. Regarding Check Point’s analysis, a Facebook spokesperson stated: “We resolved the matter and did not report any evidence of abuse. We are grateful to Check Point for contributing to the security of Instagram”.
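The following is an added illustration of the “Integer Overflow leading to Heap Buffer Overflow” class described above, written for this page; it is not Check Point’s code, not Instagram’s decoder, and does not reproduce the actual bug. It uses a hypothetical raw image header (width, height, bytes per pixel) whose fields are attacker-controlled, shows the 32-bit size computation wrapping so that a huge image gets a tiny heap allocation, and places the overflow-checked version beside it. The decode step is instrumented to report how many bytes would spill past the allocation rather than actually corrupting the heap, so the example is safe to run. The 64 MiB cap and all header values are assumptions chosen for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed header for a hypothetical raw image format used only in this
 * example. It is not Instagram's decoder or Check Point's code; the three
 * fields stand in for the attacker-controlled values any image header carries. */
typedef struct {
    uint32_t width;
    uint32_t height;
    uint32_t bytes_per_pixel;
} img_header_t;

/* Policy cap on a decoded image (assumption for this example): 64 MiB. */
#define MAX_PIXEL_BYTES ((size_t)64 * 1024 * 1024)

/* Vulnerable size computation: the product is formed in 32-bit arithmetic and
 * silently wraps, so a huge image can yield a tiny allocation size. */
uint32_t vuln_pixel_bytes(const img_header_t *h) {
    return h->width * h->height * h->bytes_per_pixel;
}

/* Hardened size computation: every multiplication is overflow-checked
 * (__builtin_mul_overflow exists in GCC >= 5 and Clang), a zero-sized image is
 * rejected, and the result is bounded by a sane cap. Returns 0 on success. */
int safe_pixel_bytes(const img_header_t *h, size_t *out) {
    size_t n;
    if (__builtin_mul_overflow((size_t)h->width, (size_t)h->height, &n)) return -1;
    if (__builtin_mul_overflow(n, (size_t)h->bytes_per_pixel, &n)) return -1;
    if (n == 0 || n > MAX_PIXEL_BYTES) return -1;
    *out = n;
    return 0;
}

/* Instrumented decode step. A real decoder walks rows and columns driven by
 * the header, so the number of bytes it writes is the true width*height*bpp,
 * not the wrapped allocation size. To keep the example safe to run, this
 * version fills only the in-bounds part of buf and returns how many bytes
 * would have been written past the end of the allocation (0 = no overflow). */
uint64_t decode_overflow_bytes(const img_header_t *h, size_t alloc_bytes, uint8_t *buf) {
    uint64_t want = (uint64_t)h->width * h->height * h->bytes_per_pixel;
    uint64_t in_bounds = want < alloc_bytes ? want : alloc_bytes;
    memset(buf, 0x41, (size_t)in_bounds);  /* stand-in for decoded pixels */
    return want - in_bounds;
}

/* Vulnerable path: trusts the wrapped size. Returns the number of bytes the
 * decoder would write past the heap buffer (the heap buffer overflow). */
uint64_t vulnerable_decode(const img_header_t *h) {
    uint32_t n = vuln_pixel_bytes(h);
    uint8_t *buf = malloc(n ? n : 1);
    if (!buf) return 0;
    uint64_t oob = decode_overflow_bytes(h, n, buf);
    free(buf);
    return oob;
}

/* Hardened path: -1 when the header is rejected before any allocation,
 * 0 when the image decodes entirely in bounds. */
int hardened_decode(const img_header_t *h) {
    size_t n;
    if (safe_pixel_bytes(h, &n) != 0) return -1;
    uint8_t *buf = malloc(n);
    if (!buf) return -1;
    uint64_t oob = decode_overflow_bytes(h, n, buf);
    free(buf);
    return oob == 0 ? 0 : -2;
}

int main(void) {
    /* Constructed inputs: a benign 640x480 RGB image and a crafted header whose
     * true size (65536 * 65537 = 0x100010000) wraps to 0x10000 in 32 bits. */
    img_header_t benign = {640, 480, 3};
    img_header_t crafted = {65536, 65537, 1};

    printf("benign : wrapped size %u, oob bytes %llu, hardened rc %d\n",
           vuln_pixel_bytes(&benign),
           (unsigned long long)vulnerable_decode(&benign),
           hardened_decode(&benign));
    printf("crafted: wrapped size %u, oob bytes %llu, hardened rc %d\n",
           vuln_pixel_bytes(&crafted),
           (unsigned long long)vulnerable_decode(&crafted),
           hardened_decode(&crafted));
    return 0;
}
```

The crafted header allocates only 64 KiB on the vulnerable path while the decoder wants just over 4 GiB, which is exactly the shape of bug that lets a saved image corrupt heap memory when an app later parses it; the hardened path rejects the header before any allocation happens. The check belongs at the point where the size is computed, because the decode loop itself has no way to know the allocation was undersized.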
The patch for this vulnerability was released six months before these findings were published, in order to give most users the opportunity to update the Instagram application and thus mitigate the risk introduced by this security flaw.
Check Point stresses the importance of keeping mobile applications and programs constantly updated, and of deploying solutions such as Check Point’s SandBlast Mobile, which offers full visibility of cyber risks as well as advanced threat prevention capabilities. With what Check Point describes as the highest threat detection rate on the market, SandBlast Mobile protects users from malware, phishing, man-in-the-middle attacks, operating system exploits and many other threats.