Users of the popular photo-sharing app Instagram may want to think twice before posting and sharing their photos, after a vulnerability was found recently in the software.
Security vendor GFI Labs said the flaw found by security researcher Sebastian Guerrero allows an attacker to add himself as a prospective victim's "friend."
"(This can potentially give) attackers access not only to personal information that can readily by stolen but also to photos that are marked as Private," it quoted Guerrero as saying.
It noted Guerrero aptly named the flaw a "Friendship Vulnerability.“
Citing Guerrero's findings, GFI said the flaw stemmed from a programming mistake that led the app to mishandle the process of authorizing friend requests.
Potentially, it said attackers can brute-force their way into a target’s Instagram account without their permission.
GFI posted screenshots of Guerrero's proof-of-concept where his test account managed to add itself to the Instagram accounts of celebrities like Kim Kardashian. — TJD, GMA News