Skip to content
  •   Saturday, April 1, 2023

NUNewsIndustry

  • Business
  • Health
  • Science
  • Technology
  • World
  • Home
  • Technology
  • Android malware apps caught stealing users’ Facebook password
Technology

Android malware apps caught stealing users’ Facebook password

2 years ago
Allan

Despite the fact that the platform is constantly monitored, the Google Play Store is frequently infected with harmful malware Hackers, on the other hand, have developed various techniques for circumventing Google’s security checkpoints for Android malware apps on the Google Play Store.

 

Now comes reports of a shocking recent discovery: up to 9 Android apps have been uncovered that steal Facebook users’ logins and passwords.

 

According to Doctor Web, these apps have been downloaded 5,856,010 times from the Google Play Store.

 

The malware specialists at Doctor Web discovered ten of these malware applications, nine of which were available on the Google Play Store.

 

These Android apps are stealer Trojans that have been distributed as benign software.

 

Users were required to log into their Facebook accounts in order to access all of the apps’ features and to turn off in-app advertising.

 

Users were directed to the usual Facebook login screen, which gave the impression that it was legitimate.

 

Hackers were able to gain access to the user’s Facebook credentials, as well as cookies, which were sent to cybercriminals.

 

The malicious Android apps disguised to be photo-editing, optimization, fitness, and astrology apps in order to deceive victims into entering into their Facebook accounts and hijack their credentials using JavaScript code obtained from an adversary-controlled server.

 

The list of Android malware apps are as follows –

  • PIP Photo (>5,000,000 installs)
  • Processing Photo (>500,000 installs)
  • Rubbish Cleaner (>100,000 installs)
  • Horoscope Daily (>100,000 installs)
  • Inwell Fitness (>100,000 installs)
  • App Lock Keep (50,000 installs)
  • Lockit Master (5,000 installs)
  • Horoscope Pi (>1,000 installs)
  • App Lock Manager (10 installs)

 

 

Android malware apps

 

 

While this effort appears to have targeted Facebook accounts, Dr. Web experts warn that this assault could have easily been extended to load the login page of any genuine web platform in order to capture logins and passwords from a range of services.

 

As part of its continuous efforts to prevent frauds and fake developer accounts, Google announced new steps for the Play Store, including requiring developer accounts to turn on 2-Step Verification (2SV), provide an address, and validate their contact details.

 

It is important to know that installing apps from verified and trusted developers, keeping an eye out for permissions requests from the apps, and reading other user reviews before installing.

 

Also read:

 

Popular Android antiviruses fail to detect malicious apps: DroidMorph

Android apps discovered with the ‘Joker’ malware: Report

Cybercriminals could possibly exploit Samsung pre-installed apps for spying

These 23 Android Apps exposed 100 million users’ personal data 

These Billing Fraud Apps have infected over 700,000 Android Users

Joker malware spread over 500,000 Huawei Android devices

 

 

 

 

 

Tags: 1facebook hacked, android, android apps, android apps malicious malware, android apps malware, android malware, antivirus, App Keep Lock, App Lock Manager, Astrology apps, Computer Security, computers, cyber news, cyber security news, cyber security news today, cyber security updates, cyber updates, cyberattack, cyberattacks, cybercrime, cybercriminals, cybersafe news, cybersecurity, cybersecurity news now, cybersecurity news today, dark web, data breach, Data leak, data stealing malware, DDoS, Distributed Denial of Service, Email, email security, exploit, Facebook, facebook app, facebook hackers, facebook login, google Play Store, hacker news, hackers, hackers apps, Hacks, Horoscope Daily, Horoscope Pi, Infected Installer, information security, InfoSec, infosec news, Inwell Fitness, latest cybernews today, latest cybersecurity news today, linux, Lockit Master, Mac, malicious apps, Malicious email campaign, malicious malware apps, Malvertising, Malware, malware app, malware removal, Mobile Security, network security, online security, personal data exposed, Phishing, PIP Photo, play store, play store malware, play store malware apps, Privacy, Processing Photo, ransomware, ransomware attack, ransomware attacks 2021, ransomware gang, ransomware group, ransomware malware, ransomware news, RCE, recent ransomware attacks, Remote Access Trojan, Remote Code Execution, remote desktop app, remote desktop app virus, remote desktop malware, REvil, rootkit, Security, smartphone, software vulnerability, Spam, spyware, Supply Chain, tech, tech news, tech support, tech updates, Technology, trojan, virus, virus removal, Vulnerabilities, Web Security

Post navigation

Chinese researchers accidentally revealed a Windows zero-day flaw
Kaseya supply-chain attack: Firms hit by REvil ransomware

Recent Posts

  • Uproar Over iPhone Design Leak-Takes After The Android Phone More Than Ever
  • iOS 16.3 updates to add some more oomph to your iPhone  
  • U.S Citizens In A Welcome Decree To Sponsor Refugees In Country
  • Google drums up a tracker version on the lines of the Apple AirTag tracker
  • Apple reportedly gunning for new MacBook Pro models release very soon  

Recent Comments

    Related Posts

    Technology

    Uproar Over iPhone Design Leak-Takes After The Android Phone More Than Ever

    2 months ago
    Allan
    Technology

    iOS 16.3 updates to add some more oomph to your iPhone  

    2 months ago
    Allan
    Technology World

    Google drums up a tracker version on the lines of the Apple AirTag tracker

    2 months ago
    Allan
    Technology

    Vande Bharat Express to go commercial on its maiden run on Jan 1 2023

    3 months ago
    Allan
    Copyright © All rights reserved | Theme by Mantrabrain