It is hard to believe the fact that these days it is very easy to fool a person than to fool a computer or system. Thus attacks are moved towards #Social Engineering to exploit the system. Recently a malicious application has been identified.
Instgram is one such popular applications among many users and one of the main feature every user needs is that #Who viewed me recently ? Actually there is no such official application from the same Instagram developers who are providing this functionality.
To exploit this, a malicious developer developed an application in the name of #Instacare and #Who viewed me on Instagram? for both the iOS and Android platforms. There has been thousand of users who downloaded them.
It is identified that after the installation, the application requests the users to provide their login credentials and then the credentials will be secretly sent to the attacker's server and it can be exploited later.
The application also provides with top 100 people of your contacts and may look legitimate but it is a sophisticated way of exploiting people and getting the login credentials.
The same has been identified by a security researcher and also the researchers from Kaspersky labs confirmed it.
If you had installed this application earlier uninstall the application and change the Instagram login credentials immediately.
The researcher who identified the same posted it and it can be found here. The post by other researchers can be found here.
P.S: The post is to create awareness and not to create any negative impact.
No comments:
Post a Comment