ESET researchers have discovered 13 new Instagram credential-stealing apps on Google Play and looked into the motivations behind the fraudulent schemes in a new blog post.
Detected under the name Android/Spy.Inazigram, the malicious apps phished for Instagram credentials and sent them to a remote server. While they appear to have originated in Turkey, some used English localization to target Instagram users worldwide.
Altogether, the malicious apps have been installed by up to 1.5 million users.
Key features of the apps:
- To lure users into downloading, the apps promised to rapidly increase the number of followers, likes and comments on one’s Instagram account. Ironically, the compromised accounts were used to raise follower counts of other users.
- The apps require the user to log in via an Instagram lookalike screen. The credentials entered into the form are then sent to the attackers’ server in plain text.
- The stolen credentials can be used to compromise accounts and spread spam and ads, as well as various other “business models” in which the most valuable assets are followers, likes and comments.
The full blog post explains this in detail and provides advice on how users can protect themselves: http://www.welivesecurity.com/2017/03/09/new-instagram-credentials-stealers-discovered-google-play/