Digital Identity Blog

Thought leadership for cybersecurity, fraud and digital channel professionals

Facebook Buying Instagram Sets Off Android Malware App Feeding Frenzy

Posted
ThreatMetrix
By ThreatMetrix
ThreatMetrix®, The Digital Identity Company®, is the market-leading cloud solution for authenticating digital personas and transactions on the Internet. Verifying more than 20 billion annual transactions supporting 30,000 websites and 4,000 customers globally through the ThreatMetrix Digital Identity Network®, ThreatMetrix secures businesses and end users against account takeover, payment fraud and fraudulent account registrations resulting from malware and data breaches.
Follow ThreatMetrix ThreatMetrix's Most Recent Posts:

News that Facebook was buying Instagram, a free photo sharing program, for $1 billion in cash and stock, had the same effect on cybercriminals as bloody chum in the water has on sharks.

Suddenly fake websites advertising Instagram apps for Androids started turning up faster than musicians at a free post-concert buffet (If you’re wondering how fast that is, get in a position to watch a table full of free food after a concert. But, don’t get too close. We wouldn’t want you to get hurt in the rush.)

Anyway, these fake websites advertised free Instagram app uploads which hid Trojans that had users sending outrageously expensive international text messages. Presumably the creators of the malware made their money by getting a percentage.

According to zdnet.com, Sophos, which first discovered the malware, identified it as “Andr/Boxer-F”. Noting multiple photos of a man in the apk file (a packaging file format for the Android operating system), the company speculated that the photos were included more than once to change the fingerprint of the file, trusting that rudimentary anti-virus scanners wouldn’t be able to detect the difference in fingerprints.

While these cybercriminals may not be the smartest people technologically, they do know a good thing when they see one. zdnet.com reported, “A day after the acquisition announcement, Instagram became the top free iPhone app on Apple’s App Store, and Android downloads have been off the charts (way over 5 million in less than a week, though Instagram has yet to share official numbers).”

ThreatMetrix
By ThreatMetrix Posted