• Facebook

    500 K / likes

  • Twitter

    1 M / followers

Use ‘InstaAgent’ for Instagram? It Stole Your Account Password



If you have the app “InstaAgent” on your phone to track the people who visit your Instagram account, you might want to delete it now. The app has been banned by Apple and Google from their app stores after it was discovered that the app steals account passwords and posts ads without permission to people’s photo feeds.

The app’s downfall came after a German software developer named David from Peppersoft downloaded the app and discovered that it beams your Instagram username and password, without your knowledge and permission, in plain text (rather than encrypted) to a third-party server.

What’s more, the account passwords were used to log into accounts to post unauthorized images containing advertisements — something that’s strictly against Instagram’s policies.


In an interview with the BBC, app creator Turker Bayram says he made a “terrible mistake” in saving user passwords to a server. He says he was working on a new feature in the app that never got released, and that he has no idea why his app started posting ads to user accounts.


Prior to being pulled, InstaAgent was the #1 free app in a number of countries around the world, including the UK and Canada, and potentially hundreds of thousands of users have had their account details stolen.


If you were a user, it’s recommended that you immediately delete the app now and change your Instagram password.

(via @PeppersoftDev via MacRumors)