API security, Supply chain, Threat Intelligence
TikTok, Instagram APIs exploited by PyPI packages for account validation

(Photo by Mario Tama/Getty Images)
GBHackers News reports that threat actors have leveraged malicious packages in the Python Package Index repository that abuse TikTok and Instagram APIs to check the validity of pilfered account credentials.
The checker-SaGaF package abuses TikTok's and Instagram's internal password recovery APIs, spoofing legitimate app behavior to confirm whether an account exists, while the steinlurks package contains almost half a dozen Instagram-targeting functions that enable covert account compromise, according to an analysis by Socket researchers. The sinnercore package, meanwhile, harnesses old app endpoints to trigger password reset flows on Instagram. Because such API and error message vulnerabilities could be leveraged into significant cyberattacks, comparable to the breach of Ukraine's power grid a decade ago, Socket urged organizations and individuals to improve their awareness of leaked credentials, update passwords regularly, and review API responses thoroughly.
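As an added example (not code from Socket's analysis or from any of the packages named), this shows the kind of password-reset response difference that lets a credential checker confirm an account exists, beside a uniform response that removes that oracle, plus a simple log check for clients probing the endpoint with many distinct usernames. The handler names, endpoint path, account store and log lines are constructed for illustration.

```python
from collections import defaultdict

# Constructed account store standing in for the real user database.
USERS = {"alice", "bob"}

def reset_leaky(username: str) -> dict:
    """Weak handler: status code and message differ for unknown accounts,
    giving a credential checker a clean exists/does-not-exist oracle."""
    if username not in USERS:
        return {"status": 404, "message": "No account found for this username"}
    return {"status": 200, "message": "Reset email sent"}

def reset_uniform(username: str) -> dict:
    """Hardened handler: the same status and message for every input; the
    e-mail itself is only dispatched when the account really exists."""
    if username in USERS:
        send_reset_email(username)  # stand-in for the real mail-out
    return {"status": 200,
            "message": "If an account exists, a reset link has been sent"}

def send_reset_email(username: str) -> None:
    pass  # hypothetical stand-in; a real deployment queues the e-mail here

def is_enumeration_oracle(handler) -> bool:
    """API response review check: an endpoint that answers a known and an
    unknown account differently leaks account existence."""
    return handler("alice") != handler("definitely-not-a-user")

# Constructed request log: client IP, endpoint, submitted username, status.
LOG_LINES = [
    "203.0.113.7 /api/password_reset alice 200",
    "203.0.113.7 /api/password_reset bob 200",
    "203.0.113.7 /api/password_reset carol 404",
    "203.0.113.7 /api/password_reset dave 404",
    "203.0.113.7 /api/password_reset erin 404",
    "198.51.100.4 /api/password_reset alice 200",
]

def enumeration_sources(lines, threshold: int = 5) -> dict:
    """Flag clients probing the reset endpoint with many distinct usernames,
    the traffic pattern a bulk account-validation tool produces."""
    names = defaultdict(set)
    for line in lines:
        ip, path, user, _status = line.split()
        if path == "/api/password_reset":
            names[ip].add(user)
    return {ip: len(u) for ip, u in names.items() if len(u) >= threshold}
```

Running `is_enumeration_oracle` against both handlers flags only `reset_leaky`, and `enumeration_sources(LOG_LINES)` flags only the client that cycled through five different usernames.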