Password-pilfering app exposes weakness in iOS and Android vetting process

4 12 2015

Ars Technica

November 12, 2015

Dan Goodin

Highlighting crucial weaknesses in Apple’s and Google’s processes for admitting new titles into their competing app stores, both companies have ejected a third-party Instagram app after discovering it probably pilfered user passwords and pictures.

InstaAgent, as the app was called, marketed itself as a program that tracked people who visited a user’s Instagram account. It had between 100,000 and 500,000 downloads from Google’s Play Store and was in the top charts of the iOS App Store. But behind the scenes, an app developer said earlier this week, the app sent users’ Instagram login credentials to a server controlled by the InstaAgent developer. Google was the first to pull the app. Apple later followed.

more.

The content in this post was found at http://arstechnica.com/security/2015/11/password-pilfering-app-exposes-weakness-in-ios-and-android-vetting-process/ and was not authored by the moderators of freeforafee.com. Clicking the title link will take you to the source of the post.

 

« »


Actions

Informations

Leave a comment

You must be logged in to post a comment