Android users are being taken in by fake, malware versions of Instagram, the popular photo-sharing app.
Instagram arrived on Android in the beginning of April (and has since been acquired by Facebook for a massive $1bn). So far, it has been downloaded nearly 400,000 times from the Google Play Store.
The fake versions of the Instagram Android app are found at a variety of unapproved sources, and are designed to earn money from unsuspecting users, playing on the app’s popularity, sending SMSes to premium rate numbers that earn their creators revenue.
The most widely spread of these fake Instagram apps, are the Andr/Boxer-F variants, distributed on a Russian website purporting to be an official Instagram site.
In the meanwhile, last week, Sophos also reported that malware versions of Angry Birds Space were also being found online, one of many recent popular apps to be preyed on by malicious hackers.
Graham Cluley, Senior Technology Consultant at Sophos said:
"Android malware is becoming a bigger and bigger problem. Just last week, we saw a bogus edition of the Angry Birds Space game and it's quite likely that whoever is behind this latest malware are also using the names and images of other popular smart phone apps as bait. Infected Androids are now effectively part of a botnet, under the control of malicious hackers.
Android users need to be extremely careful when downloading applications from sites, especially when they're not official Android markets.
With help from internet users we were able to identify that the image comes from a Moscow wedding photograph, where he was dressed a lot more casually than other guests. The man's photo became widespread on Russian internet forums, making the man something of a celebrity. There's no reason to believe, however, that he has anything to do with the Android malware attack."