Multiple fake apps were found on the Google Playstore phishing for Instagram users. These apps claim to help Instagram users increase the number of followers and likes they get. Malwarebytes Labs found that the apps were specifically targeting Iranian users.
According to Malwarebytes security researcher, Nathan Collier there were three apps luring Instagram users on the Playstore. The names of the apps are Followkade, LikeBegir, and Aseman Security.
Collier stated in an article:
“As the psychology of social media reveals how addicting it can be to receive likes and even better, followers, on platforms such as Instagram, users often look for shortcuts or other ways to game the system in order to get that rush of dopamine. “
Attackers take advantage of human nature and the addiction of social media to prey on users using social media platforms. Sites like Instagram, offer users the satisfaction of an audience liking, following, and commenting on their pictures and stories. With fake apps like Followkade, users get an instant gratification, whereas it can take years to build up an audience.
Further, many of these apps look very realistic and have over 50,000 installs. Followkade has a 4.0 rating on the Playstore and has great reviews. Another app, LikeBegir, alleges to increase likes and give daily gifts to users. The app, Aseman Security, alleges to help increase followers, but to also secure the user’s Instagram page preventing it from being hacked. However, installed inside these apps is a trojan, dubbed Android/Trojan.Spy.FakeInsta.
When tested using a network scanner, researchers found that the app sent in plaintext usernames and passwords of Instagram accounts to a malicious website. When malicious actors get a hold of social media credentials they can get an insight of your life, your contacts, and personal life. If you have downloaded these app, they should be uninstalled immediately.
Contact LIFARS for security advisory solutions.