Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Instagram account hijack code published

Instagram account hijack code published


Softpedia - (International) A developer released a proof-of-concept that exploits the lack of HTTPS encryption in certain functions of the Instagram app for iOS that could allow an attacker on the same network to intercept session cookies and use them to take over Instagram accounts. Instagram parent company Facebook stated that they are aware of the issue and are working to find a solution.


Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at:

Last Updated: 27 May 2016 10:21:09