Another breach of confidentiality couldhappen if dishonest people exploit Instagram vulnerabilities discovered by cyber security expert Laxman Mutiyah. The expert revealed an imperfect password recovery system, and he informed the owner of Instagram, Facebook, about it. An imperfect system allows you to hack any account within 10 minutes.
The essence of the method of hacking is the following. When you reset your password, a digital code is sent to your email or smartphone to confirm your identity. In this case, it is impossible to pick up the code by the method of iterating through the options, since Instagram limits the number of sent codes. However, the specialist applied the method of changing IP-addresses and automatically sent about 200 thousand requests from thousands of different IP-addresses. This process took about 10 minutes provided by the user to enter the code.
By simple calculations, Mutiya determined thatfor successful hacking of an account, 5 thousand IP addresses are required, from which 1 million requests are sent. To carry out such a hack it is enough to spend about $ 150, if you use cloud services, for example, Google or Amazon.
After reporting a vulnerability on Facebook, a response came in that the error was fixed, and a specialist is entitled to a premium of 30 thousand dollars.