March 10, 2017 by

Google Removes Instagram Phishing Apps After 1.5 Million Installs

Security researchers from cybersecurity firm ESET discovered at least 13 new Instagram credential-stealing apps on Google Play which have been installed by up to 1.5 million users.

A number of malicious applications purporting to be tools for managing or boosting the number of Instagram followers have targeted users on the Android platform. These apps appear to have originated in Turkey and used sparse localization in English to target users around the world.

These 13 applications were phishing for Instagram credentials before sending them to a remote server.

As it transpired, the applications used similar harvesting techniques to comb for Instagram credentials before sending them to a remote server. The apps baited victims by promising rapid increases in the number of followers and likes on one’s Instagram account. In a twist of irony, compromised accounts were used to increase the follower counts of other users in a self-perpetuating manner.

When victims fall into the phishing trap of providing user credentials on a faux Instagram login screen, the username and password are sent to the attacker’s server in plain text. These compromised accounts are then used by the attackers, who sell various ‘bundles’ of Instagram popularity boosters, as explained by ESET.

Altogether, these malicious apps have seen a staggering 1.5 million installs from users around the world, underlining the significance of the phishing scam. ESET has since informed Google of these applications and all 13 apps have been removed from the store.

LIFARS recommends that users not enter their credentials into the login forms of unofficial applications or third-party apps. A trusted application will have a number of installs, ratings and, more pertinently, user reviews that will shed further light on the authenticity of an application.

ESET has labelled the rogue phishing scam as Android/Spy.Inazigram, the strain common to the 13 applications discovered on the official Google Play store.


About the author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagement experience while providing a strategic and integrated array of services to minimize risk and disruption while protecting your brand.
