Subscribe

Android malware targets Instagram

Kathryn McConnachie
By Kathryn McConnachie, Digital Media Editor at ITWeb.
Johannesburg, 23 Apr 2012

Cashing in on the hype surrounding popular photo-sharing application Instagram, a number of fake versions of the app are doing the rounds online.

Senior technology consultant for Sophos, Graham Cluley, says: “Naturally, the Facebook acquisition news raised Instagram to even higher levels of public awareness and that's where the bad guys stepped in. Cyber criminals have created fake versions of the Instagram Android app, designed to earn money from unsuspecting users.”

Cluley says if users download the Instagram app from anywhere other than the official Google Play store, or directly from the Instagram Web site, they are running the risk of infecting their smartphones with malware.

One example is a Russian Web site that mimics the look of the Instagram site, and offers users a free download.

“In our tests, the app didn't do a very good job of emulating the genuine Instagram app, but that may be because it failed to find the correct network operator. Because this is a malicious app that seems to be relying on the sending of background SMS messages to earn its creators revenue,” says Cluley.

Recently, users looking to download Angry Birds Space were also being targeted. Other popular smartphone apps being used in the scheme are Fruit Ninja, Temple Run and Talking Tom Cat.

Fraud analyst for Trend Labs, Karla Agregado, says: “Both the rogue Instagram and Angry Birds Space are detected as ANDROIDOS_SMSBOXER.A. Based on our initial analysis, the malware will ask users to permit the sending of a query using short numbers to supposedly activate the app. In reality, this malware sends a message to specific numbers. The rogue app also connects to specific sites, to possibly download other files onto the device.

“Users are advised to remain cautious before downloading Android apps, especially those hosted on third-party app stores,” says Agregado.

Share