Instagram Acts Quickly, Patches ‘Friendship Vulnerability’ to Ensure Privacy

When programmers encounter some sort of vulnerability in popular and well-known apps, they report it to the company so it gets fixed (and maybe get compensated for it through the developer's bug bounty program.)

When hackers discover these vulnerabilities, they take advantage of them to steal personal information, passwords, and even users' money.

So it was pretty fortunate that it was Spanish security researcher Sebastián Guerrero who came across a 'friendship vulnerability' on Instagram, which its developers subsequently fixed within an impressively short period.

Guerrerro identified a security hole that could be used to launch a brute force attack on Instagram, which would allow hackers to 'add' themselves as Instagram friends with anyone they wanted to. This would give them access to the users otherwise private photos and information.

This would obviously have been a big privacy issue, given Instagram's security options would be rendered moot.

Guerrero demonstrated the hole by adding himself to Mark Zuckerburg's Instagram account, posting: Congratulations Mark for Instagram acquisition. When would it be eligible under the bounty bug program?"

Instagram has since fixed the bug, and it seems all is well once again in Zuckerberg's Instagram universe.