If you use the application Instagram for iPhone, then it would be good to know that it exists inside a vulnerability that allows him for a hacker to steal your account while you are browsing the famous photo sharing network. According to the information published by the hacker, the application transfers session cookies through a non-HTTPS protocol, and a hacker can intercept the data transfer to steal your Instagram account.
I think this attack is extremely severe because it allows full session hijacking and is easily automated. I could go to the Apple Store tomorrow and reap thousands of accounts in one day, and then use them to post spam. I adhered to the FB responsible disclosure procedure. FB replied saying they're already aware of the issue and closed the ticket.
The hacker used this vulnerability to prove his theory and he claims that the use of a FREE WiFi HotSpot unencrypted could allow anyone to do exactly the same thing. If those hackers monitor the Internet traffic of that HotSpot while you are using it, then he can intercept the traffic and steal your account, the hacker notifying the Facebook company about this problem.
Until it is resolved, it is advisable to avoid any Free WiFi HotSpot.
