Popular android apps collected Facebook the credentials have been removed from Google

Share This Post

The apps tricked users by loading the real Facebook sign-in page, only to load JavaScript from a command and control server to “hijack” credentials and pass them along to the app (and thus the command server). They would also steal cookies from the authorization session. Facebook was the target in each case, but the creators could just have easily steered users toward other internet services. There were five malware variants in the mix, but all of them used the same JavaScript code and configuration file formats to swipe information.

Google is still rushing to remove Android applications that seriously violate users’ privacy. According to Ars Technica, Google has taken nine apps out of the Play Store after Dr. Web experts found that they were Trojans that stole Facebook login information. These weren’t obscure titles; instead, a total of 5.8 million people downloaded the virus, which had names like “Horoscope Daily” and “Rubbish Cleaner” on the label.

Highlights

  • The question, of course, is how the apps racked up as many downloads as they did before the takedown. Google’s largely automated screening keeps a lot of malware out of the Play Store, but the subtlety of the technique might have helped the rogue apps slip past these defenses and leave victims unaware that their Facebook data fell into the wrong hands. Whatever the cause, it’s safe to say that you should be cautious about downloading utilities from unknown developers no matter how popular they seem.

  • Google told Ars it banned all the app developers from the store, although that might not be much of a deterrent when the perpetrators can likely create new developer accounts. Google may need to screen for the malware itself to keep the attackers out.

spot_img

Related Posts

Free games on PlayStation, Xbox and PC this weekend (12-14 August)

We are approaching the second weekend the way we...

Smash Boats is receiving a Couch Co-Op update and also an Xbox version: GameSpew

Sure, playing online can be fun but there’s nothing...

Redeem free paid games for Android too

In this regard, even in the week preceding the...

Regular press conference by Wang Wenbin, Foreign Ministry spokesperson, on August 10, 2022

Wenbin Wang: Let me first provide you some information...