Kaspersky Lab: As he said Instagram, criminals are exploiting a bug in it Instagram which allows them to steal the information of its users, including famous people.
Kaspersky Lab researchers have been notified of the bug that has been reported by Kaspersky Lab Instagram on Tuesday 29 August and shared a brief technical analysis in social media.
The researchers discovered that the vulnerability exists in the mobile devices Instagram version 8.5.1, which was released in 2016 (the current version is 12.0.0).
The attack process is relatively simple: using the outdated application, the attacker selects the password reset function and records the request using a web proxy.
They then select their victim and send a request to the Instagram server that bears the unique ID or username of the target. The server returns a JSON response with the victim's personal information, including sensitive data such as email and phone number.
The attacks are of great intensity work:
each of these must be done manually, since Instagram uses mathematical calculations to prevent attackers from automating the application form
Hackers were trapped in a "basement" forum where they traded their personal account data that belonged to famous people.
Η Kaspersky Lab advises users that use older versions of it software to update them immediately to the latest version available.
Other helpful tips for staying safe on social media include using different email addresses post officey for different social platforms, reporting any concerns or irregularities to the network – and most importantly: if you receive password reset emails that you have not requested, notify your network immediately.
