New Delhi: Facebook has patched a critical vulnerability in Instagram that could have given an attacker the ability to take over a victims Instagram account, and turn their phone into a spying tool, simply by sending them a malicious image file.
When the image is saved and opened in the Instagram app, the exploit would give the hacker full access to the victim’s Instagram messages and images, allowing them to post or delete images at will, as well as giving access to the phone’s contacts, camera and location data, according to cyber security researchers at Check Point.
An attack can be triggered once a malicious image is sent via email or WhatsApp and then saved on a victim’s device.
The researchers revealed the critical vulnerability as remote code execution (RCE) that allows an attacker to take over a computer or a server by running arbitrary malicious software (malware).
“This…