Wednesday, April 18, 2012

Watch Out for Android Malware Posing as Popular Instagram App

InstagramThinking about finally jumping on the bandwagon by trying out the Instagram app on Android?

Be sure that you download it from the Google Play store and not some random website.

Security experts at Sophos discovered that cybercriminals are attempting to capitalize on the fact that Instagram recently became available to Android users AND buzz stemming from the company being acquired by Facebook by pushing malware posing as the Instagram app.

The fake Instagram app is (thankfully) not available within the legitimate Google Play store, so you should be safe if you’ve downloaded app from there. The miscreants behind it decided to create websites dedicated to the cause of offering the disguised malware, which Sophos detects as Andr/Boxer-F.

And no, Andr/Boxer-F doesn’t do a very good job of pretending to be Instagram, but that may be because the goal of the app is to generate revenue for its authors by firing off expensive international text messages, not make it easy for you to snap photos, play with filters and share them with friends.

Unidenfitied Man Pictures Used in Instagram MalwareOne strange thing to note – the .APK file for the fake Instagram app contains multiple copies of a photo of an unidentified man (pictured right), which Sophos speculates is used to change the fingerprint of the file in order to evade detection by rudimentary antivirus scanners.

There's no telling who this man really is or why his photo was used, but personally, he reminds me of Will Ferrell with a funky haircut.

If you plan on downloading Instagram – or pretty much any other app for that matter – be sure that you download it from the official Android marketplace.  And make sure you always check the # of downloads, reviews, etc. to help weed out any other malicious applications.

Have you tried out Instagram yet? Who do you think the man in the photo looks like?

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+.

No comments:

Post a Comment