Researcher Discovers Instagram's Hidden URL Blackhole Database with 4,629 Filtered URLs
By
tkp-415
Right out the toaster. Reliable, with some real depth.
Summary
A technical researcher discovered a hidden 'url_blackhole' database within Instagram's iOS app file system on a jailbroken iPhone. The SQLite database contained 4,629 unique URL chunks classified under four violation types, which trigger warnings when users attempt to visit them within Instagram. The article documents a reverse engineering exploration revealing Instagram's internal URL filtering system for potentially harmful or policy-violating content.
Key quotes
· 4 pulledWhile exploring the file system on a jailbroken iPhone 6s, I stumbled upon an interesting folder
Inside of this folder there was an SQLite database that included a 'url_blackhole' table with 4629 entries
There are were a total of 4629 unique url_chunks classified under 4 violation types
Attempting to visit any of these urls inside of Instagram, such as by clicking on the link in a direct message, presented multiple warnings
You might also wanna read
Anthropic Releases Free Security Plugin for Claude Code Terminal to Detect Vulnerabilities
Anthropic has released a free security-guidance plugin for its Claude Code terminal tool that autonomously reviews code edits, model outputs
cybersecuritynews.com·4h ago
wolfCOSE: A Lightweight COSE + CBOR Library for Embedded Systems with PQC and FIPS 140-3 Support
wolfCOSE is a lightweight C library implementing CBOR (RFC 8949) and COSE (RFC 9052/9053) for embedded systems, using wolfSSL as the crypto
github.com·1d ago
Anthropic launches Claude Security beta for codebase vulnerability scanning
Anthropic has released Claude Security, a defensive security tool within Claude Code on the web, from closed preview to beta for Claude Ente
thenewstack.io·1d ago
How LinkedIn's 2012 Breach Exposed the Dangers of Unsalted Password Hashes
This article examines the 2012 LinkedIn breach where attackers cracked millions of passwords using fast, unsalted hashes like MD5 and SHA-1.
hendryadrian.com·1d ago
AI-Generated npm Package Leaks Its Own GitHub Token, Exposing Malware Operator
A malicious npm package named mouse5212-super-formatter, identified by OX Security, was caught leaking its own hardcoded GitHub token. This
infosecurity-magazine.com·1d ago
How a botnet abused my open source project's cloud version to phish 14,000 people
The author, who runs an open source project management tool called Kaneo, discovered that a botnet had abused the hosted cloud version of th
andrej.sh·2d ago