Scoop has an Ethical Paywall
Licence needed for work use Learn More

Video | Business Headlines | Internet | Science | Scientific Ethics | Technology | Search

 

Instagram users willingly become part of social botnet

Symantec Security Response has discovered many Instagram users have willingly shared their usernames and passwords with a bot-like app in order to increase likes and followers.

The application known as InstLike was available for iOS and Android devices. It could be found in both Apple’s App Store and the Google Play Store. Apple and Google have since removed the applications from their respective stores.

InstLike claims users will receive likes and followers for free. But as we have warned previously, these kind of “free” services for social networks are not free. InstLike asks users to provide their Instagram login credentials. Applications that wish to interact with Instagram accounts, however, should instead use the Instagram API.

Instagram users willingly become part of social botnet

As a result of signing up for the InstLike service, users opt in to having their Instagram account externally controlled for the purpose of auto-liking and auto-following others. When Symantec tested the application, the Symantec Instagram account began liking pictures without any consent or interaction from Symantec.

While a service like InstLike helps increases an Instagram user’s likes and followers, it comes at a significant security cost. Users are required to provide their full login credentials to an unauthorized service and they effectively become part of a social botnet.

Advertisement - scroll to continue reading

InstLike violates Instagram’s terms of use as well as the API terms of service.

Securing your Instagram account

If you have installed the InstLike application on your device, you should immediately uninstall it and change your Instagram password. Until you change your Instagram password, your account will be used for auto-liking and auto-following.

Symantec advises users never to share account credentials to any third party applications or services. Third party applications or services that require access to your account or information should use the legitimate APIs and authorisation protocols.

Read the full Symantec Security Response blog:

http://www.symantec.com/connect/blogs/instagram-users-compromise-their-own-accounts-likes

© Scoop Media

Advertisement - scroll to continue reading
 
 
 
Business Headlines | Sci-Tech Headlines

 
 
 
 
 
 
 
 
 
 
 
 
 

Join Our Free Newsletter

Subscribe to Scoop’s 'The Catch Up' our free weekly newsletter sent to your inbox every Monday with stories from across our network.