Summary: Malware writers have created a fake Instagram app for Android that is really a Trojan in disguise. The idea is to make money by leveraging all the hype surrounding Facebook’s acquisition of Instagram.
There’s a new Trojan on the block that is looking to take advantage of all the hype surrounding Facebook’s acquisition of Instagram. Cybercriminals have created fake versions of the Instagram Android app, designed to earn money from unsuspecting users. Sophos, which first discovered the malware, calls it “Andr/Boxer-F.”
Ever since Facebook announced plans to acquire Instagram for approximately $1 billion in cash and stock, there has been a lot of hype surrounding the app. I’m not just talking about rumors (likeFacebook beating Twitter to Instagram or the the original price being $2 billion).
A day after the acquisition announcement, Instagram became the top free iPhone app on Apple’s App Store, and Android downloads have been off the charts (way over 5 million in less than a week, though Instagram has yet to share official numbers). The Instagram hype is higher than ever, and malware writers are of course looking to cash in.
They have set up fake websites advertising fake Instagram apps, which by the way don’t really do a good job of looking like the real Instagram app. The devil is in the details: in the background, the malicious app sends expensive international text messages to earn its creators revenue.
As for the picture of the man at the top of this article, I think I’ve held your curiosity for long enough. I’ll tell you this right away: his identity is unknown. The man could be the malware author, his or her friend, his or her enemy, a celebrity, or just a random person found online.
The .apk file for this particular Android app includes his picture multiple times. Sophos speculates that it is included more than once to change the fingerprint of the file, in the hope that rudimentary anti-virus scanners won’t be able to detect the difference in fingerprints.