• ✨Always Use Forum Private Messages PM For Deal With Vendors✨

    Admin Contacts Jabber: megiddo@jabber.sk Telegram: @Megiddo1

25 Apps Stealing Facebook Passwords

✨ Megiddo

✨ President ✨
Staff member
Joined
May 15, 2016
Messages
4,020
Likes
2,572
Points
1,730
Applications were equipped with legitimate functionality, but also contained malicious code.

3256821457a96e8bb88ab9539b9b5eaf.jpg


This month, Google removed 25 Android apps from the Play Store that stole Facebook user credentials. At the time of removal of the application, a total of 2.34 million times were downloaded.

The creator of all 25 applications is the same cybercriminal grouping. Despite the fact that the programs offered users different functions, they actually worked the same way. According to the report of the French information security company Evina, received by ZDNet reporters, cybercriminals presented their programs as pedometers, photo and video editors, flashlights, file managers and mobile games. They were equipped with legitimate functionality, but also contained malicious code.

Malicious code detected the last application opened by the user and launched in the background. If it turned out to be Facebook, on top of the official application a browser window would open on the screen with a fake Facebook login page. After the user entered their credentials, they were sent to the remote airshop.pw server (the domain is currently not working).

Evina experts notified Google of malicious applications at the end of May this year. The company removed them from the Play Store earlier this month after checking the data provided by the researchers. Some programs have been on the Play Store for over a year.

Google removed malware not only from its store, but also from users ’devices. In addition, appropriate notifications were sent to all affected users through the Play Protect service built into the Play Store.
__________________
 
Top Bottom