Turkish Instagram accounts were popped by the thousands recently, thanks to a few malicious apps that managed to make their presence on the Google Play Store. The applications that were found stealing the passwords of Turkish users from across the globe are Insta Takipci Kazan, Takipci Keyfi, Free Takipci, FollowInsta, and Instalker.
The damage inflicted by these applications is quite considerable, given the fact that they managed to operate without getting caught for some time. McAfee mobile security, also sometimes referred to as Intel Security was the first to discover the fact that these apps had started storing the login credentials to various instagram accounts illegally and had shared them to a remote server.
Most of the time, the applications that happen to get you into trouble are those that tell tall tales. In this case, the promises made seem a bit odd and its quite strange that the people to downloaded these applications actually fell for what they had to offer. The applications downloaded offered users with the chance to get free followers, better Instagram analytics and even scheduling posts. Of course, that would have needed access to the main application, which the users then happily gave. As a result, the id and password both got stored on the rogue server, thus leading to the account being compromised.
To combat this, Google was forced to pull these aps out of the play store. When the problem was noted it was found that the applications were sending the LoginID and Password to the users in very insecure cleartext format, which was easy to hack from anywhere in the network. Such low levels of security have been displayed by a number of applications such as the fraudulent Rubix Project in the past. The problem was tracked by Apple, and the application to which these activities were followed was termed as “Who Viewed Your Profile – InstaAgent”
Such applications must be avoided at all costs. Always read up a lot of reviews before installing any unknown application.