AppStore not so safe? Instagram client shares 500k user passwords
Half a million Apple customers were exposed before the issue was discovered.
I would say "Who Viewed Your Profile - InstaAgent" is the first malware in the iOS Appstore that is downloaded half a million times.— David L-R (@PeppersoftDev) November 10, 2015
InstaAgent allowed users see who views their Instagram profile. When installed, it asked for Instagram usernames and passwords.
Developers at German company Peppersoft discovered login credentials were being stored UNENCRYPTED in the app and uploaded to a third party server.
The news broke Tuesday when German app company Peppersoft found issues with InstaAgent code. The client has since been pulled from Google Play and the AppStore.
The InstaAgent debacle comes a month after Apple had to kill 100’s of Apps it was selling over malware breaches caused by compromised developer tool kit.