Fake Android Apps Steal Instagram Accounts

Instagram users are warned that a lot of malicious apps found on the Google Play store are harvesting the social network’s accounts by using phishing attacks. Continue reading to find out more.

Counterfeit Android Apps Target Instagram And Attempt To Steal User Accounts

If you are using Instagram then you should be careful. Security experts recently identified that a large number of Android apps available on the Google Play Store are actually malware that attempt to steal accounts. They have been created by cyber criminals to specifically harvest the account credentials by posing as one of the following types of utilities:

  • Tools that pretend to be various Instagram management apps. They promise to allow for more settings and various tweaks that are not available on the official app.

  • Various fake apps that promise to boost the user profiles by adding more followers. They are particularly effective as many users succumb to the idea that their social prestige can be measures by the number of the social media followers.

  • Account Automation Tools – They promise to automate certain actions such as posting images on a scheduled basis, following users and tagging posts.

All of these fake apps redirect the victims to phishing web site that presents an Instagram account login screen using the built-in WebView component. The fact that the actual Instagram login page is designed in an elegant and simple way makes it very hard to distinguish a counterfeit from the legitimate version. From the released security experts it seems that the various apps target mainly Turkish users.

Once the user has entered their username and password they are sent to the malware developers via a plain text connection. This is a very serious issue as it presents two problems to the victims:

  1. The malware operators of the malware get direct access to the Instagram accounts of the victims instantly.

  2. As the network stream does not use encryption any parties to which the network traffic passes can intercept the account credentials. This includes all internal and external networks that route the information.

In addition the personal information such as the password and username can be used by the credentials with a passphrase dictionary to try and access other social media or online services that may use the same combination. The various counterfeit apps are labeled as the InstaZuna Threat as identified by the McAfee Mobile Security team. The experts suggest that all mobile users use a security solution that allows for malware protection and password protection to safeguard their devices and accounts from such threats.

Google already removed the known apps from the Play Store.

Read: FiercePhish Phishing Framework Released

Was this content helpful?

Author : Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *