InstaAgent, the app that hoped to bank on the curiosity of Instagram users, was ostracized from both Google Play Store and Apple App Store.

The way InstaAgent worked was simple: you download the app and connect it to your Instagram account. After providing it with your username and password, the app promised to show which users follow you on the photo-sharing service.

Advertised as a simple and straightforward application, the software proved to actually be malicious. InstaAgent stored passwords and username of Instagram accounts, eventually sending them to a remote server.

German iOS developer David Layer-Reiss unveiled the scheme in a series of tweets.

Layer-Reiss went on to point out that InstaAgent not only steals your credentials, but it also posts photos in your name. This is against Instagram's regulations.

Turker Bayram, the team lead behind the InstaAgent, posted a poorly written apology online.

In the statement, he mentioned in a broken English that his team wanted to promote the app in a new way. Initially, the malicious app allowed Instagram users to track their top three followers. To see who the fourth or fifth follower was, users had to pay a fee.

Bayram's explanation stated that his team wanted to allow users to see ads instead of paying, but eventually renounced the idea due to Instagram's user policy.

He acknowledges that the backlash against his app was a result of improper preparation from his team.

"It was a terrible experience for us. Because our application has removed both mobile markets," he admitted, referring to the fact that both Apple and Google kicked InstaAgent off their respective app stores.

He did reassure users who downloaded the InstaAgent app that their login info was safe, however.

"Nobody's account [was] stolen. Your password [was] never saved [to] unauthorized servers," Bayram underlined.

"But again and again we apologize... [and in the future] we must read service providers' policies carefully," he concluded.

Alan Woodward, a security consultant openly stated that he is skeptical about the good intentions of the app.

"Offering users an app to see who has viewed their profile is a classic way of scamming users into installing malware," he noted.

Before it got banned from the two most popular mobile app stores, InstaAgent ranked among the first free app downloads. This makes sense, as Facebook-owned Instagram has a user base of around 300 million and plenty of them were apparently curious about their popularity.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion