Home » Security » Instagram on iPhone Could Allow Account Hijacking

instagram

Facebook’s popular photo sharing app for iOS, Instagram has a vulnerability that could make your account susceptible to be compromised. A security researcher Carlos Reventlov published on Friday a vulnerability in Facebook’s Instagram photo-sharing service that could allow a hijacker to seize control of a victim’s account.

His report reads:

“The Instagram app communicates with the Instagram API via HTTP and HTTPs connections.  Highly sensitive activities, such as login and editing profile data, are sent through a secure channel. However, some other request are sent through plain HTTP without a signature, those request could be exploited by an attacker connected to the same LAN of the victim’s iPhone.”

The vulnerability is in the 3.1.2 version of Instagram’s application the app is susceptible to eavesdropping and man in the middle attacks that could lead anyone to delete photos and download private media without the victim’s consent.  The vulnerability was found on 11th November 2012 and Instagram authorities were informed but yet haven’t been fixed.

Carlos Reventlov suggested fixes are use https for all API requests that could contain sensitive data, such as photo URLs or use a body signature for unencrypted requests.

AVG Premium Security 2013

Comments

comments

Latest

scribd Subscription Book Services Yes or No?
Write A Great Academic Paper The 10 Apps That Will Help You Write A Great Academic Paper
tech hacks 3 Tech Hacks to Give Your Car Luxury-Like Features
pocketcast Pocketcast App Review
Reliable Hosting Basic Factors of Reliable Hosting Provider

Newsletter

Subscribe to The Technology Geek email newsletter to stay up to date on the latest tech news!

Follow Us

Visit Us On TwitterVisit Us On FacebookVisit Us On GooglePlusVisit Us On PinterestVisit Us On YoutubeCheck Our Feed

Tech Geek Today

Tech Geek Today

MonTueWedThuFriSatSun
     12
3456789
10111213141516
17181920212223
24252627282930
31      
   1234
567891011
12131415161718
19202122232425
2627282930  
       
1234567
891011121314
15161718192021
22232425262728
293031    
       
     12
3456789
10111213141516
17181920212223
       
  12345
6789101112
13141516171819
20212223242526
2728293031  
       
      1
2345678
16171819202122
23242526272829
3031     
    123
45678910
11121314151617
18192021222324
252627282930 
       
 123456
78910111213
21222324252627
28293031   
       
      1
2345678
16171819202122
23242526272829
30      
   1234
567891011
12131415161718
262728293031 
       
   1234
567891011
12131415161718
19202122232425
262728    
       
1234567
891011121314
22232425262728
293031    
       
    123
45678910
11121314151617
18192021222324
25262728293031
       
  12345
6789101112
20212223242526
27282930   
       
      1
9101112131415
16171819202122
23242526272829
3031     
    123
45678910
11121314151617
252627282930 
       
 123456
78910111213
14151617181920
21222324252627
28293031   
       

Archives