Welcome to WebmasterWorld Guest from 18.205.109.82

Forum Moderators: open

Message Too Old, No Replies

Apple and Google Remove App That Was Stealing Usernames and Passwords

     
12:36 pm on Nov 11, 2015 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 9, 2000
posts:26304
votes: 1023


Apple and Google have removed a third-party Instagram app which was discovered to be stealing usernames and passwords, in addition to posting photographs without user permission.
Third-party app InstaAgent was found to be storing users' Instagram usernames and passwords in an unencrypted form, before sending them on to unknown servers by iOS developer David L-R, who posted his discovery on Twitter late last night.

Google responded quickly to the revelation, removing the app from its Play Store, but Apple took a little longer to kill any mention of InstaAgent from the App Store, finally removing it a few hours after the first tweets indicated its malicious intentions. Apple and Google Remove App That Was Stealing Usernames and Passwords [theverge.com]


Anyone that downloaded the offending app should remove it, if it's not already gone, and change their passwords

It's surprising how some of these apps get through into the store in the first place, imho.
4:06 pm on Nov 11, 2015 (gmt 0)

System Operator from US 

incredibill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Jan 25, 2005
posts:14664
votes: 99


Yes, when Apple and Google have a walled garden and pretend to run quality control over the millions of apps listed we all know it's BS except the unwashed masses of consumers. We're talking about the same people that click on attachments in emails from strangers althought they've alll been told better so they'll blindly install any old app found in the app store without a second thought as to who's behind the app.

I tend to only install stuff from real companies and not any little putz that downloaded the APK and started writing apps which, although the companies might be collecting data, we're pretty sure it's not passwords.

Stick with the devil you know :)
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members