Malicious “Boost Your Instagram Followers” apps found on Google Play

Security researchers have discovered a number of malicious apps on the Google Play store that are designed to illicitly obtain a victim’s Instagram login information.

Posing as tools for acquiring more Instagram followers, the apps were actually designed to phish for passwords and usernames for Instagram accounts, allowing criminals to gain control of those accounts to promote spammy websites.

Security firm ESET reports that the dangerous apps – 13 in total – have been downloaded over 1.5 million times. They also report that since alerting Google of the discovery, all the apps have now been removed.

Users with Android phones are always advised to install apps from Google’s “trusted” Play Store and not from third party websites since Google vet apps to ensure they’re legitimate. However, this is another demonstration that Google’s Play store can’t be trusted completely.

The malicious apps all promised Android users they could boost their Instagram followers. When installed on a phone, the app would ask the user to enter their username and password into a login screen. However the login screen would then send that information to the developers of the malicious apps.


Sponsored Content. Continued below...




Remember to keep your mobile phones safe. Even if an app is on the Google Play store, it may not be safe. So remember to be cautious of suspicious sounding apps and be wary of apps with little or no user feedback.

Also consider enabling two factor authentication for your Instagram account. That way, even if the criminals do obtain your Instagram password, they would still need an additional layer of security to access your account, most commonly a PIN sent to your phone through SMS.

Keep up-to-date with all the latest cybersecurity threats and our tips to stay safe online. Follow us on Facebook, Instagram and Twitter.

Continued below...


Thanks for reading! But before you go… as part of our latest series of articles on how to earn a little extra cash using the Internet (without getting scammed) we have been looking into how you can earn gift vouchers (like Amazon vouchers) using reward-per-action websites such as SwagBucks. If you are interested we even have our own sign-up code to get you started. Want to learn more? We discuss it here. (Or you can just sign-up here and use code Nonsense70SB when registering.)

Become a Facebook Supporter. For 0.99p (~$1.30) a month you can become a Facebook fan, meaning you get an optional Supporter Badge when you comment on our Facebook posts, as well as discounts on our merchandise. You can subscribe here (cancel anytime.)