Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Password-Stealing Instagram App 'InstaAgent' Reappears in App Store Under New Name

smacrumon said:
This is concerning and a little bit curious. How can such apps pass the supposedly stringent review processes? Interesting development indeed.
Click to expand...
Me too, is guilty of sending apps for review, timebombed to change their behavior after review is passed. This is how numerous vintage game console emulators got into appstore disguised as harmless utilities like flashlights. Apple can't do much about it, because it's an arms race they can't possibly win.

However, developer program license agreement clearly states what is forbidden for apps to do, and review pass doesn't relieve developers of any responsibilities or consequences (of being banned from Apple's AppStores for a lifetime).

As for sneaky bastards in question, i bet they can afford to bribe a random homeless person into buy a 99$ developer subscription for them.
 
If an app doesn't use safari/safari view controller to OAuth I'm not signing in to a third party through it.
[doublepost=1458736144][/doublepost]
2010mini said:
What can they do?
Click to expand...
They could mandate oAuth perhaps and I'm sure they can still to better in automation for detecting private API use, which is a separate issue but still undermines the approval process.
 
urmaster said:
If an app doesn't use safari/safari view controller to OAuth I'm not signing in to a third party through it.
[doublepost=1458736144][/doublepost]
They could mandate oAuth perhaps and I'm sure they can still to better in automation for detecting private API use, which is a separate issue but still undermines the approval process.
Click to expand...

i meant what could instagram do?
 
2010mini said:
i meant what could instagram do?
Click to expand...
Apologies, yeah that's pretty tricky perhaps a web dev might be better placed to answer that, there must be a way to segregate their own auth API from what is made publicly available.
 
This is a huge problem. I've got family, and no doubt others do, on iOS because it's simple & secure. The apps are meant to be far more moderated than Google's store (con is obviously less range/more locked down, but they're not power users or wanting lots of apps anyway). Having insecure things leak through is very poor, especially multiple times.

Do some mundane thing like a bit of pot which harms no-one and you'll be in jail or death penalty nearly everywhere; cause 100000x the damage doing 'virtual' stuff and no-one cares. Companies & Govt need to get with the times.
 
Stalwart said:
As for sneaky bastards in question, i bet they can afford to bribe a random homeless person into buy a 99$ developer subscription for them.
Click to expand...

Yeah, I'm pretty sure one of the ways they are getting these new apps approved is by using a new developer account. According to AppShopper, 'Who Cares With Me - InstaDetector' was published by 'Ismail Turkmen'. But 'InstaCare - Who cares with me?' was published by 'Turker Bayram'. How that developer account didn't get revoked is beyond me.

Clearly, the App Store review process has some serious inadequacies.
 
appahappa said:
How can someone give such an app three stars? :eek:
Click to expand...
That had me laugh coffee out my nose, which is not a good laugh. As you point out the user complains about App hacking his account but gives App 3 stars anyhow? Apple needs to fix this issue somehow but obviously the Reviews are not reliable indicators of crap.

Rule of thumb, apps that are used to hack your accounts should get 2 stars max! :rolleyes:
 
  • Like
Reactions: extrachrispy and cjgrif
Can we just quickly mention the last reviewer who had her account hacked but still gave the app a 3/5 star rating?!

You're more than a li l crazy, Britney.
 
There are lots of people who have several iCloud accounts and they use those iCloud accounts to post positive reviews that people have paid them to post. This is exactly why I ignore the positive reviews and read all of the negative reviews.

Did you ever see that picture of a girl sitting behind a desk that was covered with cell phones?

image.jpeg


Her job is to download apps, post positive reviews, delete the app and then move on to the next developer who paid her to do that with their app. This not only adds fake reviews, it artificially inflated download numbers. So, you can't trust download numbers either.

I'm sure almost any homeless person would jump at the chance to sit at a desk for an hour and post reviews for $5 USD per review.

It is my opinion that most of the positive reviews are nothing more than a waste of space.
 
Last edited:
  • Like
Reactions: Kroo
Y
iKrivetko said:
Yet a honest developer can have their app denied for some minor non-issue after a few weeks long review. This is preposterous, Apple really needs to pull their **** together.
Click to expand...
You might have missed the line that stated the app made into the Google playstore too. Seems like everyone needs to get their shît together, no?
 
ardchoille50 said:
There are lots of people who have several iCloud accounts and they use those iCloud accounts to post positive reviews that people have paid them to post. This is exactly why I ignore the positive reviews and read all of the negative reviews.

Did you ever see that picture of a girl sitting behind a desk that was covered with cell phones?

View attachment 622668

Her job is to download apps, post positive reviews, delete the app and then move on to the next developer who paid her to do that with their app. This not only adds fake reviews, it artificially inflated download numbers. So, you can't trust download numbers either.

I'm sure almost any homeless person would jump at the chance to sit at a desk for an hour and post reviews for $5 USD per review.

It is my opinion that most of the positive reviews are nothing more than a waste of space.
Click to expand...

But this only happens with Android apps, never with iOS.
 
  • Like
Reactions: Avalontor
DaveP said:
Because private entities pursuing criminal charges (private prosecution) is not allowed in the state of California. The government would need to pursue any criminal charges.
Click to expand...
I think you took the wording of my comment too literally. I know Apple can't file criminal complaints on its own. However, the company can report the crime in the hopes that the jurisdiction will pursue charges. (Also, Apple operates in many different jurisdictions, not just California.)
 
So I guess the APP review process is as good as Apple testing their iOS and OS with all the bugs they have been having.
iMessage doesnt work with me update and iMessage can be hacked through the front door as well. So much quality over quantity. I still love the platform but its become what Microsoft once was. Sad.
 
Why does it seem like Apple's vision, discipline, and leadership have become super lax lately.
 
VulchR said:
Many people here are rightfully noting that Apple should do something about this. However, perhaps so should Instagram.
Click to expand...

There is not much Instagram can do in this scenario , other then issue correspondence to its registered users warning them about this app.
[doublepost=1458800513][/doublepost]
dan110 said:
Why does it seem like Apple's vision, discipline, and leadership have become super lax lately.
Click to expand...

Yeah also noticed they put on a few pounds and started bean counting for thier retirement
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back