Instagram changes APIs, feed access to third-party apps following discovery of malware

Posted by:
Date: Wednesday, November 18th, 2015, 07:45
Category: Developer, iOS, News, security, Software


In the wake of a security breach, you make changes.

Following the recent discovery of the InstaAgent malware, which was Instagram passwords from users, Instagram has instituted much stricter rules for accessing its API, effectively killing off a large number of apps that read Instagram feeds.

Over on its developer web site, Instagram explained that its API is changing, the way it distributes its feed is changing and the current API is being shut down. The company offered the following comment:

We’ve updated our Platform Policy to explicitly list the use cases we will support moving forward. These include apps and services that:

Help individuals share their own content with 3rd party apps, such as apps that let you print your photos and import an Instagram photo as a profile picture.

Help brands and advertisers understand and manage their audience, develop their content strategy, and get digital rights to media. Established apps in this space may apply for our newly announced Instagram Partner Program.

Help broadcasters and publishers discover content, get digital rights to media, and share media using web embeds.

Beginning today, Instagram will be using a new review process and preventing new apps from using its APIs until it starts conducting reviews on December 3. Existing apps have until June 1, 2016 to comply with Instagram’s new platform rules, and the users/self/feed and media/popular API endpoints will be available until the end of the review period. Instagram is also launching a new Sandbox Mode to allow developers to privately build and test apps using Instagram’s APIs.

The new policy adjusts how dozens of third-party Instagram apps that promised new followers as well as the ability to track follows and unfollows will function. Third-party apps will no longer be able to use “like,” “share,” “comment,” or “follower” exchange programs nor can they use follower information for “anything other than analytics” without Instagram’s permission.

This, in turn, essentially kills certain apps access to the full Instagram feed, it will also have an impact on legitimate Instagram clients for the iPad and the Mac, where Instagram is not natively available. As such, apps like Retro, Flow, Padgram, Webstagram, Instagreat, and more will be affected.

And this is life after a significant security breach…

Via MacRumors and TechCrunch

Recent Posts