Google removes popular Android apps that steal Facebook passwords

Google is still racing to launch Android apps Serious invasion of privacy. Ars Technica notes After Dr. Web analysts, Google has removed nine applications from the Play Store Find They are Trojan horses that steal Facebook login information. These are not obscure titles-the malware has been downloaded more than 5.8 million times and disguised as easy-to-find titles such as “Daily Horoscope” and “Trash Cleaner”.

These apps deceive users by loading the real Facebook login page, just load JavaScript from the command and control server to “hijack” the credentials and pass them to the app (and the command server). They also steal cookies from authorized sessions. In each case, Facebook is the goal, but creators can easily direct users to other Internet services.

There are five malware variants in the mix, but they all use the same JavaScript code and configuration file format to retrieve information.

Google tells Als It prohibits all app developers from entering the store, although this may not be much deterrent when the perpetrator may create a new developer account. Google may need to filter the malware itself to keep attackers out.

Of course, the question is how these apps get as many downloads as they did before they were removed. Google’s automatic filtering function keeps a lot of malware out of the Play Store, but the subtleties of the technology may help rogue apps bypass these defenses, leaving victims unaware that their Facebook data has fallen into the bad guys. hand. Whatever the reason, it is safe to say that no matter how popular they seem, you should be cautious about downloading utilities from unknown developers.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you purchase goods through one of these links, we may earn member commissions.

Leave a Reply

Your email address will not be published. Required fields are marked *