Apps

These 9 Android Apps Were Stealing Facebook Passwords, Google Exposed Them

Google has identified and removed 9 Android apps, which together have been downloaded more than 5.8 million times, from the Play Store. During a security check, the apps were caught secretly stealing users’ Facebook credentials. This is reported by various online magazines including ArsTechnica. The fraudulent apps were discovered by a security team at Dr. Web antivirus.

“The applications were fully functional, which should weaken the vigilance of the potential victims. In order to access all functions of the apps and supposedly also to deactivate in-app advertising, users were asked to log into their Facebook account.” According to the security researchers at Dr. Web. “The advertising within some of the apps was actually there, and this maneuver was supposed to get Android device owners to take the requested actions.”

The apps masked their malicious intent by disguising themselves as photo editing, tweaking, fitness, and astrology programs, only to get victims to log into their Facebook accounts. Then the login details entered were hijacked using JavaScript code and sent to a server controlled by the fraudsters using a Trojan. It is not yet known whether other information was also stolen in the process. After Dr. Web removes the apps.

Android Apps List

  • PIP Photo (> 5,000,000 installations)
  • Processing Photo (> 500,000 installations)
  • Rubbish Cleaner (> 100,000 installations)
  • Daily horoscope (> 100,000 installations)
  • Inwell Fitness (> 100,000 installations)
  • App Lock Keep (50,000 installs)
  • Lockit Master (5,000 installations)
  • Horoscope Pi (> 1,000 installations)
  • App Lock Manager (10 installations)

Users have to delete the apps themselves

The apps went unnoticed in the Google PlayStore for months. In order to permanently remove the apps, users have to manually delete them themselves. While this particular campaign targeted Facebook accounts, the Dr. Web researchers said this attack could easily be extended to load the login page of any legitimate web platform with the aim of stealing logins and passwords from a variety of services.

Share
Published by
Yasir Zeb

Recent Posts

Crash in the smartphone market: lowest sales figures in 13 years

The global smartphone market is experiencing a severe downturn, recording its worst quarter in 13…

11 hours ago

Pixel 11: Mega leak shows images and data from the new Google smartphones

Amazon made a big mistake and revealed the entire lineup of the Google Pixel 11…

11 hours ago

Top 10 Payment Card Tools for Everyday Digital Finance

A payment card is easiest to understand when users see how it fits into real…

16 hours ago

OnePlus is ‘dead’: Oppo wants to soon announce its withdrawal from the EU & USA

OnePlus will soon be history. At least in Europe and the USA. What has been…

17 hours ago

Switch 2 OLED: Nintendo is apparently planning a display upgrade after all

Nintendo is reportedly still internally planning an OLED version of the Switch 2 for the…

17 hours ago

Maps: Google launches major visual update with immersive navigation

Google appears to be starting to distribute the new immersive navigation for Google Maps. The…

17 hours ago