Hackers can steal your posts, location from Facebook apps
Facebook and Instagram dominate as the most favored social media apps on the internet. They have drawn a wave of appreciation (along with some criticism) over the years, making a tempting package for internet users. However, if the latest reports are anything to go by, the same platforms also carry flaws that can easily compromise your privacy. Here's all about them.
Security flaws discovered in Facebook, Instagram's code
During a recent study, the folks at Check Point Research analyzed hundreds of apps on the Google Play Store for security issues. They employed a static engine and checked for the presence of old, vulnerable code in the updated versions of the programs. The work revealed loopholes in many programs, including Facebook, Instagram, and Chinese messaging service WeChat.
What were the issues in these apps?
When the researchers analyzed the apps, they specifically looked for three known 'remote control execution (RCE) vulnerabilities' from 2014, 2015, and 2016. Now, despite the apps claiming to have patched the vulnerabilities, the researchers noted that these bugs still existed, which opened a way for hackers to execute malicious code and carry out attacks. Additionally, the exploit's impact also varied from app to app.
How the bugs impacted the apps?
Though there are no reports of any active exploit, the researchers claimed that the existence of these vulnerabilities in itself poses a major threat to the security of users. Essentially, they said, the Facebook issue can be exploited to steal or modify shared posts, while the one in Instagram could be used to extract the location data of users.
WeChat issue allowed reading messages
Among other apps, researchers also found a flaw in WeChat, which, they said, allowed hackers to read SMS texts in WeChat. To recall, WhatsApp also faced a similar issue and compromised private messages of over a thousand human rights activists and government officials.
Apps informed to fix the issues
The researchers denied sharing more information about the bugs but said the developers of all the vulnerable apps have been informed to fix the issues. It is not clear when the fix will be released, but until that happens, we recommend having two-factor authentication on for all social media services and a reliable anti-virus app to prevent malware-based attacks.