Instagram has been getting a lot of buzz of late thanks to the Facebook buyout. Why you would try to download it from anywhere other than the Play Store, we don’t know, but it turns out there is a malicious version of the app in the wild. Russian developers have released a fake version of Instagram that, once installed, sends SMS messages in the background. The messages are sent to a premium number, which helps generate revenue for the developers.
OK, no problem. Don’t download dodgy versions of apps from Russian websites. Except the story gets even stranger than that: embedded inside the malicious APK are photos of a man. Naked Security assumes that the developers inserted the photos in order to fool malware detectors. The man originally appeared in a wedding photo looking rather out of place, and the photo quickly went viral across Russian forums.
Even if it is a nasty piece of work, the malicious app has been well timed. Instagram has been seeing a lot of press lately, and more and more users continue to join the service after the Facebook acquisition news. Sophos has labelled the app as “Andr/Boxer-F”, and if you have the company’s Mobile Security software, you should be automatically protected from it.
Android malware has been on the rise. Back in January, dozens of apps on the Android Market were infected with a bug called Android.Counterclank, which Symantec believes affected between one and five million users. Apps have also bypassed Google’s detection by piggybacking on other mobile apps. In February, a file named any_name.apk could be installed once users were directed away from a Facebook profile and prompted to download it. That app also sent premium messages in the background without the user’s knowledge.