Lord Marin writes:
Apple (NASDAQ: AAPL) and Google (NASDAQ: GOOGL) have removed InstaAgent, an app for Instagram, because of its malicious behaviour. It was storing and sending the passwords of its users to a third-party server.
The app’s advertised function was that it could track who visits an Instagram user’s account. It garnered many downloads because Instagram does not have that feature.
One Peppersoft developer has downloaded the app, “Who Viewed Your Profile – InstaAgent”, and discovered that the app deceptively reads account’s usernames and passwords. These are then sent via a text to a remote server, instagram.zunamedia.com, according to Mac Rumors.
Read more on BizTek Mojo.