InstaAgent Scam App Resurfaces as InstaCare, Becomes Top App Download Again
Now it appears that its developer is going for a second try, with all the same elements, but under a different app name: InstaCare. This app does the exact same thing InstaAgent does—it steals user info and hijacks accounts—and again, it’s garnered the same amount of success. InstaCare reportedly even reached top spots of the Apple App Store download rankings lists in some countries. The app seems to have been taken down as if this writing, but considering the number of users that it was exposed to during the period that it was available, it did the job.
InstaAgent, InstaCare, and similar scam apps prove that social media in itself continue to be effective social engineering lures. While it’s not completely the fault of users who want to see who viewed their profiles and content, throw up similar search terms on Apple App Store and Google Play and a veritable cornucopia of other apps advertising the same functions appear. It should be reiterated that to date, there remains to be no legitimate, secure app that allows social media users to see who viewed their social media accounts. Save for LinkedIn’s “profile view” reports, popular social media sites and applications neither provide nor support this kind of service.
[Read: InstaAgent App Proves that Social Media View Scam is Still Effective]
Trend Micro detects the malicious mobile app as IOS_INSTASTEALER.A and ANDROIDOS_INSTASTEALER.A for iOS and Andriod devices, and installing mobile security applications like Trend Micro Mobile Security can help users protect themselves against these kinds of threats. Those who have downloaded it should delete the app, and are advised to change their account passwords. It bears repeating that users should always be careful of what apps they download. InstaCare’s resurrection is a reminder that despite efforts by app stores to ensure quality and security of the apps they offer, a couple of bad apples slip through.
Inspect the apps carefully before installing them. What do the reviews say? Is there an inordinate amount of 5 star and 1 star ratings? Last of all, check the permissions it asks for in case you decided to take the plunge—is it asking for more than it should? If in doubt, just skip it.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Exposed Container Registries: A Potential Vector for Supply-Chain Attacks
- LockBit, BlackCat, and Clop Prevail as Top RAAS Groups: Ransomware in 1H 2023
- Diving Deep Into Quantum Computing: Modern Cryptography
- Uncovering Silent Threats in Azure Machine Learning Service: Part 2
- The Linux Threat Landscape Report