Home
Apps
Apps News
Third Party Instagram App Removed by Apple, Google for Stealing Passwords

Third-Party Instagram App Removed by Apple, Google for Stealing Passwords

By Ketan Pratap | Updated: 12 November 2015 12:14 IST

A third-party Instagram app named InstaAgent has been found to 'harvest' user names and passwords of users and send them to an unknown server. Apple and Google removed the app soon after iOS developer David L-R reported the issue on Twitter.

In his tweet David said, "I would say "Who Viewed Your Profile - InstaAgent" is the first malware in the iOS App Store that is downloaded half a million times." According to the developer, the app which comes with full name "Who Viewed Your Profile - InstaAgent" was available to download both via Google Play and App Store, and was able to send user credentials to a remote server via clear text.

The developer also found that the third-party client was posting images without user permission on Instagram profiles. "Surprise, surprise, #InstaAgent is also posting images without your permission in your #Instagram profile," said David in another tweet.

Notably, Instagram's Support Page clearly notifies users not to use any app that leaves comments or shares things that haven't been posted by the user. The company notes, "Never grant third-party access to a website or apps that aren't following our Community Guidelines or Terms of Use (including websites selling or promising free followers or likes), as it's likely an attempt to use your account in an inappropriate way."

MacRumors pointed that before David discovered the 'harvesting' of user names and passwords by InstaAgent, the app was rated as number 1 free app in both Canada and the United Kingdom in the App Store.

In the meanwhile, Instagram has asked users that installed InstaAgent app to change their password. In a statement to BBC, it said, "These types of third-party apps violate our platform guidelines and are likely an attempt to get access to a user's accounts in an inappropriate way. We advise against installing third-party apps like these. Anyone who has downloaded this app should delete it and change their password."

Users who use their Instagram password for other sites as well will of course need to make more than one password change.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: App Store, Apple, Apps, Google, Google Play, InstaAgent, Instagram, Social

Ketan Pratap

Email Ketan

Ketan Pratap is the editor at Gadgets 360 - with over 12 years of experience covering the technology domain. With a breadth and depth of knowledge in the field, he's done extensive work across news, features, reviews, and opinion pieces. But what's truly inspiring about Ketan is how he spends his free time. He's often found gazing at snow-capped mountains from over 20,000 feet while sitting on the hood of his car, taking in the breathtaking beauty of nature. His passion for the great ...More