Sophos warns of fake Instagram Android apps with malware


19 Apr 2012

Sophos’ senior technology consultant Graham Cluley warned users downloading photo sharing app Instagram from unofficial sources to be cautious, as many are fake apps containing malware.

According to Cluley, cybercriminals have created fake versions of the Instagram Android app which aim to take money from users.

The fake app reportedly does not emulate the real Instagram app too well, but sends SMS messages in the background to take money from the user, sending it directly to the malware creator.

Cluley said that if users download the app from unofficial sources rather than the official Android market Google Play, then they are at risk of infecting their phone with malware. This was also noted last week when Sophos discovered fake versions of Angry Birds Space on unofficial app stores containing malware.

One similarity Angry Birds Space and Instagram share is phenomenal success on smartphones, which malware authors appear to be taking advantage of to spread malicious software.

Instagram attracted massive attention in recent weeks after Facebook acquired the company behind the photo sharing app for US$1bn. It also recently released its Android app.

The app managed to gain 10m new members in 10 days thanks to the news and saw its userbase grow to 40m members in total.