App developer apologises following Google and Apple ban

Posted on November 17, 2015


The author of an app that harvested the usernames and passwords from Instagram has offered a public apology for his deeds.

InstaAgent, created by Turker Bayram, was taken down from app stores following the discovery that it had copied personal account details. InstaAgent, which informed users on who had viewed their profiles on Instagram, had risen to the top of the free app chart in the UK and several other countries before being removed.

However, on November 10th, a German developer for the iOS platform, David Layer-Reiss, tweeted evidence that the app was “hacking” personal information.

Bayram was contacted by the BBC the following day, but “failed to explain his actions”, according to its website. The day after, he offered an apology online.

He explained that he had tried to devise a way in which to promote the app, which demanded a fee from users if they wished to view more than three people from the number that had browsed their Instagram pictures. He created a feature that allowed people to use this function for free in exchange for allowing InstaAgent to be promoted on their feeds. He changed his mind, however, stating:

“It was not a good idea. We didn’t publish because we learned that Instagram wasn’t allowing private APIs [application program interfaces] for third party applications’ usage.”

Even so, he said, his app started to post ads to accounts. Adding it was a “terrible experience”, he sought to calm fears by stating that passwords were not saved to unauthorized servers.

Even so, Instagram itself has advised its users to get rid of the app from their devices and change their password. Alan Woodward, a security consultant, said:

“For a third-party app to send your password to an external server is at best a way of circumventing the policy of that social media service. At worst it is simply a means of grabbing your password for nefarious purposes.

“The particular way in which this app was sending user credentials to an unknown server seems highly unorthodox.”

Call Now Button

Who Engage Web has helped:

Ice Lolly Minuteman Press BUNZLGS1 UK The Underfloor Heating Store West Cheshire Athletic Club Thomas Cook MWB Business ExchangeWeb Media 360 D2 Architects Beacon Financial Training Steely ProductsBurlydam Garden Centre Asentiv BodyHQ Clever Vine Endeavour Mortgages Pro Networks Comm-Tech Wickers World Ascot Mortgages Top Teks
TEL: 0345 621 4321