Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Google and Apple Tricked into Approving Apps Which Again Steal Instagram Credentials

Google and Apple have once more been cheated in accepting rogue applications on their App stores. The new applications steal passwords and usernames of a user's Instagram. The App of Android with 23,000 users is known as "Who Viewed Me on Instagram", whereas the iOS app is known as "InstaCare - Who cares with me". TurkerBayram developed these new apps, the iOS apps and InstaAgent Android apps are also developed by same developer, which stole credentials of Instagram during last November.

The more worrying thing is the application was developed by Turker Bayram, same developer who developed the iOS apps and InstaAgent Android apps, which were found to be secretly stealing credentials of Instagram during last November.

David Layer-Reiss of Peppersoft Development found the earlier InstaAgent apps along with the 2 new apps, and says that as soon as InstaCare is installed by the users, they are immediately forced to log on with their credentials of Instagram, which are later encrypted and sent to the server of the crook. Users are lured by the app as it pretends to tell them who all have seen their profile and can also maliciously used to have access to the user's info including contacts, credentials and profile.

InstaCare advertises as an app which shows the identity of persons who have seen your profile, and hence most users do not find it odd and filled their credentials without enquiring what actually happens to them.

Once the credentials are saved on the attacker's server, they will use them afterwards to secretly enter the hacked accounts, and post ads and spam on behalf of the user. Findings of David are also confirmed by Kaspersky security researchers, and neither Google nor Apple has deleted the malicious apps from their app stores till the time of writing this article.

It shows that it is very difficult to handle large-scale app stores efficiently and securely, as both Google and Apple got tricked again by the same developer. Softpedia.com posted on 21st March, 2016, stating that the whole situation is a little annoying because the two might have flagged the developer to begin with. The applications have not been removed from the app stores till the time of publication.

» SPAMfighter News - 3/29/2016

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page