Skip to content

Instagram attacks an app that allows you to see the private profiles of other users

24 mayo, 2021

Instagram has started take action against ‘Ghosty’, an application launched in April by a Turkish developer that promises to give us access to all Instagram accounts. Yes, that includes private accounts as well.

This app had already been downloaded more than 500,000 times on the Play Store, but it seems that Google has listened to Facebook / Instagram as the app has been removed from the app store.


Follow the steps of ‘Like Patrol’

And how could Ghosty get access to private Instagram profiles? Basically, this app was weaving an ever larger web. When someone downloaded the application, it gained access to all the accounts that it follows.

As if that were not enough, to be able to use it, it was necessary to invite someone else (giving in turn access to all the accounts that person follows). This means that with each new download Ghosty grows in size, gaining access to the accounts followed by other users on its network.

TikTok reaches 1,500 million downloads and is placed above Instagram

Instagram issued a statement, in which they assure that this app “violates their terms of service”, and that “it is a functionality that has never been available through its API”.

“We are investigating and planning further enforcement in relation to this developer.”

As we can see, Ghosty abuses the Instagram API to create a gigantic database that increases exponentially every time someone downloads it. Ghosty follows in the footsteps of ‘Like Patrol’, an app that was removed from the App Store last week.

Image 19 11 19 10 21 Pasted

Like Patrol, meanwhile, was an application created by a Mexican developer (Sergio Luis Quintero), and allowed users to count the likes of certain profiles.

This app charged a fee to these users with ‘stalker concerns’, since in this way they could know which publications other Instagram accounts were ‘liking’. Quintero told the BBC that his app is limited to the use of public data, and that he will fight for Apple to re-admit it in the App Store.

It is striking that these applications have come out in such a close space of time, and that both have ended (in a way) in the same way. What is clear is that there are developers who are using their ingenuity to take advantage of the service API to do things that, in principle, are not allowed.