Fake Instagram App Hits Android Users
Instagram recently released its first version of the application for Android smartphones, and within the first week, it gained five million downloads.
The step to becoming a part of Android’s network coincided with the news that Facebook bought Instagram for $1 billion.
A day after Mark Zuckerberg, Facebook’s CEO, made this announcement, Instagram jumped to the top spot on Apple’s App Store.
These feats created the perfect storm of publicity, as the company grew its user base 10 million more people in 10 days.
Now, cybercriminals are cashing in by creating fake versions of the app on Google Android’s marketplace, designed to earn money from users.
A user who downloads an app from a site other than the official Android marketplace like Google Play is running the risk of infecting their smartphone with malware.
A report by security firm Sophos found that the fake app did not do a very good job of emulating the genuine Instagram app because it failed to find the correct network operator.
The report said that the malware seems to be relying on background SMS messages to earn its creators revenue.
Security firm Sophos identified several fake Instagram apps across the Internet, according to analyst Graham Cluley.
Instagram is not the only popular app being exploited on Google’s Android smartphones. Sophos recently reported that apps claiming to be Angry Birds Space may not be the safest download for a phone either.
“It’s quite likely that whoever is behind this latest malware campaign is also using the names and images of other popular smartphone apps as bait,” Cluley wrote in a blog post.
The fake Russian Instagram app also includes a photo of an unidentified man in the .APK file, possibly the app’s creator, friend, enemy or a Russian celebrity.
“Maybe the reason why his picture is included multiple times is to change the fingerprint of the .APK in the hope that rudimentary anti-virus scanners might be fooled into not recognizing the malicious package,” Cluley speculated.
Apple users do not need to worry about downloading malware because the company only allows its users to download applications through its App Store.
Google’s game plan is to open up its Android Market place so that it allows more applications to come in for its devices. However, the company added a new layer of security to Google Play in February to address some of the malware issues it has had in the past year.