
Instagram Users Targeted by Credential Stealers, 1.5M Downloads on Infected Apps

2017-03-09 13:50

Apps trying to steal your Instagram credentials are popping up in Google Play, posing as tools that will help you get more followers.

According to researchers from ESET, 13 malicious apps were discovered in the official Google Play store, carrying Android/Spy.Inazigram. They phish for Instagram credentials and send them to a remote server.

The tools had been installed by up to 1.5 million users around the world before ESET notified Google and they were removed from the store. It seems that the apps originated in Turkey, although some of them used English localization to target a wider audience.

The apps work in pretty much the same way by picking up Instagram credentials and sending them to a remote server. The apps were presented to users as tools that could increase their follower base considerably, as well as the number of likes and comments. The reality, however, was much different.

How does it work?

Attackers made the login page of these apps look extremely similar to the one in the actual Instagram app. After the user typed in all the data, however, the email address and password combo were sent in plain text to the attackers' server. Once that happened, the user would no longer be able to log in, as an "incorrect password" error screen appeared.

Following the password error, users are told they should check the official Instagram page to verify their accounts. Since users receive an email about an unauthorized attempt to log in on their behalf at about the same time, the warning should help put them at ease, making them trust the app.

Loads of fake promises

If the user doesn't realize the dangers of the app and says it was them trying to log into the account, the attackers are given access to the Instagram accounts.

Stealing Instagram credentials can be quite lucrative for the attackers. The compromised accounts can be used for spreading spam and ads, as well as to "like" and "comment" on other people's accounts which have bought packages to boost their numbers.

To protect yourself, you should preferably stay away from these types of apps. If you ended up installing one of them, it's best to uninstall it and run a virus scan on your device. To secure your Instagram account, go to the official page and change your password. If you used the same email-password combo on other accounts, it might be a good idea to reset those too.

The whole scheme


Source: fni-no-sdaolnwod-m5-1-srelaets-laitnederc-yb-detegrat-sresu-margatsni/swen/moc.aideptfos.swen
