Watch out! Facebook-owned photo-sharing service has recently patched a critical vulnerability that could have allowed hackers to compromise any Instagram account without requiring any interaction from the targeted users.
Instagram is growing quickly—and with the most popular social media network in the world after Facebook, the photo-sharing network absolutely dominates when it comes to user engagement and interactions.
Despite having advanced security mechanisms in place, bigger platforms like Facebook, Google, LinkedIn, and Instagram are not completely immune to hackers and contain severe vulnerabilities.
Some vulnerabilities have recently been patched, some are still under the process of being fixed, and many others most likely do exist, but haven’t been found just yet.
Details of one such critical vulnerability in Instagram surfaced today on the Internet that could have allowed a remote attacker to reset the password for any Instagram account and take complete control over it.
Discovered and responsibly reported by Indian bug bounty hunter Laxman Muthiyah, the vulnerability resided in the password recovery mechanism implemented by the mobile version of Instagram.
The “password reset” or “password recovery” is a feature that allows users to regain access to their account on a website in case they forgot their password.
images from Hacker News