It seems that Facebook has been trying to hide a lot of bugs in the past for Instagram that has been resolved earlier this year. A few days back a bug was found on Instagram that allowed hackers to access the account they take the control over. The bug was resolved earlier this year. In the past, there were many other reports of many such bugs that were found and reported to Facebook for Instagram and resolved earlier this year, but they were only revealed months after they were resolved.
Now as per new details Facebook has fixed another bug that turns the phone into a spying tool through the Instagram app. The bug allowed attackers the ability to take over a victim’s Instagram account and turn their phone into a spying tool, simply by sending them a malicious image file. When the image is saved and opened on Instagram, it allows the hackers to fully exploit the user’s phone and gives them access to the messages, images, contacts, location, camera, and technically all the data on the phone.
The malicious image is sent through email, link, or WhatsApp after which once they are opened on Instagram, they infect the user’s phone. It was found that the bug has a remote code execution (RCE) that allows an attacker to take over a computer or a server by running arbitrary malicious software. The bug was named as “Integer Overflow leading to Heap Buffer Overflow” and was patched six months ago. Therefore, since most of the users are now using an updated version of Instagram, you will probably not face the issue.