CHRIS DELMAS/AFP via Getty ImagesSummary List Placement
Cybersecurity researchers uncovered an Instagram vulnerability that would have enabled hackers to take over someone's smartphone and use it to spy on them by merely sending an image loaded with malicious code.
The vulnerability was uncovered by Check Point Security in April, the firm announced this week. It has since been patched by Facebook, the company said in an advisory, meaning anyone with the latest version of the Instagram app is immune to the attack.
But the vulnerability is notable because of how easily it can be carried out and the wide range of permissions it would grant a hacker. The attack begins when a hacker sends an image loaded with malicious code to a target via email or through a messaging app like WhatsApp.
If the target were to save the image to their phone and subsequently open Instagram, the hacker would gain full access to the user's Instagram account, as well as whatever functionalities Instagram can access, including the phone's microphone and camera.
"People need to take the time to curate each permission an application has on your device. This 'application is asking for permission' message may seem like a burden, and it's easy to just click 'Yes' and forget about it," Check Point head of cyber research Yaniv Balmas said in a statement to Business Insider. "But in practice this is one of the strongest lines of defense everyone has against mobile cyber-attacks."
A Facebook spokesperson said in a statement that the vulnerability has been patched and that the company isn't aware of anyone abusing the exploit.
NOW WATCH: Why babies can't eat honey
- Sheryl Sandberg reportedly said Facebook played a major role in sparking movements like Me Too and Black Lives Matter, but that 'we don't get credit for any of it'
- Kenosha protesters who say they were assaulted by right wing militias are suing Facebook for hosting a 'Kenosha Guard' page
- Facebook pledged to fight misinformation about climate change. Then it suspended a slew of environmentalist groups.