Google has removed nine Android apps from its Play Store after malware analysts discovered they were stealing Facebook users’ login credentials.

The apps, which were collectively installed nearly six million times, have been described as ‘stealer Trojans’ by malware analysts at Dr. Web and were spread as harmless software, reports said. These apps, which sounded like everyday utility apps and tools, provided services such as photo editing, exercises, horoscopes, etc.

The apps included PIP Photo, installed nearly five million times, and Processing Photo, installed half a million times. The list also included Rubbish Cleaner, Horoscope Daily, and Inwell Fitness, which were installed nearly 100,000 times, and App Lock Keep, which was installed 50,000 times. The other apps included Lockit Master, Horoscope Pi, and App Lock.

A report said that in these apps, users could disable in-app ads by logging into their Facebook accounts. “The advertisements inside some of the apps were indeed present and this maneuver was intended to further encourage Android device owners to perform the required actions,” the malware analysts said, as quoted by Silicon Angle.

The apps stole users’ login credentials when they logged into Facebook: the login was shown in a WebView with JavaScript, which sent the login details to the attacker’s command-and-control server without the user’s notice, the Silicon Angle report said. After a successful Facebook login, the Trojans also stole cookies from the users’ current authorisation sessions.

The report said that these apps could also have targeted accounts on other services, not only Facebook.

“The attackers could have easily changed the trojans’ settings and commanded them to load the web page of another legitimate service,” the analysts said, and added, “They could have even used a completely fake login form located on a phishing site. Thus, the trojans could have been used to steal logins and passwords from any service.”

Google has not made a public statement on the apps yet.