Thankfully though, Instagram has since patched the vulnerability which means that if you’re running the latest version of Instagram, you should be safe. However, the good news is that this attack would have been a bit hard to pull off. This is because the hacker would need to send the victim an image that is loaded with malicious code.
The victim would then need to open up their Instagram account and upload that photo. This means that there are several steps in this process that need to be accomplished for the hack to work. The idea is that apps like Instagram request user permissions to certain features of the phone, and by exploiting this bug, the code in the image could then piggyback off the permissions to wreak havoc.
In a statement made to Business Insider, Check Point head of cyber research Yaniv Balmas said, “People need to take the time to curate each permission an application has on your device. This ‘application is asking for permission’ message may seem like a burden, and it’s easy to just click ‘Yes’ and forget about it. But in practice this is one of the strongest lines of defense everyone has against mobile cyber-attacks.”
Instagram has also noted that to date, there are no reports or instances in which the hack was successfully exploited.