Once again, cyber-criminals are targeting Instagram users with malicious apps hosted on the Play Store. These apps mostly claim to boost the follower numbers of the user's account. ESET security researcher Lukas Stefanko discovered 13 such apps on the Play Store, created by a Turkish developer. Thankfully, Stefanko reported the issue to Google’s security team, which removed all 13 apps from the Play Store last week.
How do these apps work?
All these apps work similarly and are advertised and promoted in the same way: they promise to boost Instagram follower numbers. Once you install one of these apps, it asks you to log in to your Instagram account. The app collects the username and password and stores them on a server controlled by its operators. A login error is then displayed on the screen, and it appears every time the user tries to authenticate to the Instagram account. After a few unsuccessful login attempts, the app asks the victim to visit the official Instagram website, but by this time the user’s credentials have already been stolen. Interestingly, when you visit the official web page, you will see a notice that someone has accessed your account.
According to Stefanko, all 13 apps are part of the same Instagram credential-stealing network, which was developed by Turkish cyber-crooks. They post image ads on people’s profiles and extort money from owners of accounts with a large follower base. Instagram credential stealing has happened in the past as well, when Google was forced to remove two similar apps from Google Play, named “Who Viewed Me on Instagram” and “InstaCore”.