A trio of Android applications that supposedly helped Instagram account owners increase likes and followers, boost security and improve the overall user experience were actually stealing their usernames and passwords, Malwarebytes has reported.
The apps, which were designed to target users based in Iran, had been available for download via the Google Play store as recently as April 12, but have seen been removed by Google, according to Malwarebytes Senior Malware Intelligence Analyst Nathan Collier, who penned a company blog post detailing the scam.
Collectively, Malwarebytes identifies the malicious apps as Android/Trojan/Spy.FakeInsta. The first of the three, Followkade, had over 50,000 installations prior to removal. According to the blog post, the Followkade app opens to a splash page following installation, and then to another page requesting the user’s credentials. Entering such information immediately results in it being sent to a known malicious website.
The other two apps are roughly translated as Like Begir Insta and Aseman Security Instagram. The former promises to generate likes, assist in the purchase of cheap coins, and provide daily gifts. The latter claims it can improve Instagram page security.
“There are many apps that pose as so-called helpers piggybacking off the social media craze. Some of them are legitimate apps that might be able to help users boost likes and followers as advertised. However, malware authors can too easily mimic the above-board apps, and they bank on users’ desire to find fast validation through social media acceptance,” writes Collier, who recommends that Instagram users avoid shortcuts and build their popularity the traditional way by developing quality content, while improving security through longer passwords.