Instagram has been in the news a lot recently. It launched on Android only a few weeks ago and enjoyed over 1 million downloads on its first day on Google Play. Then Facebook decided to buy the 13-person company for $1 billion! Naturally, the Facebook purchase rocketed the app to even greater popularity, with the acquisition being covered by the mainstream media.
When a cyber criminal sees something popular, especially on a mobile device, it becomes a very tempting target, and Instagram has been no different. A Russian group has created a fake Instagram web site which offers downloads of the app directly from the site (rather than from Google Play) and, in doing so, is attempting to infect devices with malware.
Tests carried out by Sophos have concluded that the fake app doesn’t even try very hard to copy the genuine Instagram app. Instead, it tries to connect with some Russian mobile networks in an attempt to make money by sending background text messages to premium numbers.
Creating dummy apps infected with malware is a popular technique used by cyber criminals. Recently a fully working version of the insanely popular Angry Birds Space was found with a variant of the DroidKungFu malware. DroidKungFu contains its own embedded version of the GingerBreak exploit, allowing it to silently root the infected device and install itself without any user interaction.
Curiously, the fake Instagram app has several embedded pictures of this man. Is this the app creator? If so, then dumb isn’t the right word. Could it be a sworn enemy of the app creator who is trying to get the man in trouble? Or is it just a random photo? We may never know.
As always, you should be cautious about what you download and from where you download it. Malicious apps generate millions of dollars for cyber criminals, and they will use almost any scheme possible to try to convince you to download an app infected with malware.