Apple and Google Remove App That Was Stealing Usernames and Passwords

Forum Moderators: open

Message Too Old, No Replies

Apple and Google Remove App That Was Stealing Usernames and Passwords

engine

12:36 pm on Nov 11, 2015 (gmt 0)

Apple and Google have removed a third-party Instagram app which was discovered to be stealing usernames and passwords, in addition to posting photographs without user permission.

Third-party app InstaAgent was found to be storing users' Instagram usernames and passwords in an unencrypted form, before sending them on to unknown servers by iOS developer David L-R, who posted his discovery on Twitter late last night.

Google responded quickly to the revelation, removing the app from its Play Store, but Apple took a little longer to kill any mention of InstaAgent from the App Store, finally removing it a few hours after the first tweets indicated its malicious intentions. Apple and Google Remove App That Was Stealing Usernames and Passwords [theverge.com]

Anyone that downloaded the offending app should remove it, if it's not already gone, and change their passwords

It's surprising how some of these apps get through into the store in the first place, imho.

incrediBILL

4:06 pm on Nov 11, 2015 (gmt 0)

Yes, when Apple and Google have a walled garden and pretend to run quality control over the millions of apps listed we all know it's BS except the unwashed masses of consumers. We're talking about the same people that click on attachments in emails from strangers althought they've alll been told better so they'll blindly install any old app found in the app store without a second thought as to who's behind the app.

I tend to only install stuff from real companies and not any little putz that downloaded the APK and started writing apps which, although the companies might be collecting data, we're pretty sure it's not passwords.

Stick with the devil you know :)