Use ‘InstaAgent’ for Instagram? It Stole Your Account Password
If you have the app “InstaAgent” on your phone to track the people who visit your Instagram account, you might want to delete it now. The app has been banned by Apple and Google from their app stores after it was discovered that the app steals account passwords and posts ads without permission to people’s photo feeds.
"Who Viewed Your Profile" #Instaagent will send your Instagram Username and Password to an unknown server! pic.twitter.com/8uZJljJdtO
— David L-R (@PeppersoftDev) November 10, 2015
What’s more, the account passwords were used to log into accounts to post unauthorized images containing advertisements — something that’s strictly against Instagram’s policies.
In an interview with the BBC, app creator Turker Bayram says he made a “terrible mistake” in saving user passwords to a server. He says he was working on a new feature in the app that never got released, and that he has no idea why his app started posting ads to user accounts.
Prior to being pulled, InstaAgent was the #1 free app in a number of countries around the world, including the UK and Canada, and potentially hundreds of thousands of users have had their account details stolen.
I would say "Who Viewed Your Profile – InstaAgent" is the first malware in the iOS Appstore that is downloaded half a million times.
— David L-R (@PeppersoftDev) November 10, 2015
If you were a user, it’s recommended that you immediately delete the app now and change your Instagram password.
(via @PeppersoftDev via MacRumors)
