Google Play Store yet again became a haven for malicious apps. A set of new Android apps have been recently found that were stealing people’s Facebook usernames and passwords. The apps with trojans were downloaded more than 5 million times, meaning they were well known.
Google has deleted these apps from the Play Store. In case you have any of them on your smartphone, it’s time for you to delete them too. Here’s all you need to know.
Delete these Android apps now
As found by researchers at Doctor Web, the Android apps had a mix of five malware types and used the same JavaScript codes and file formats to steal people’s Facebook credentials.
How this was done? A pretty simple luring trick. The apps lured people into signing into their Facebook accounts to get rid of in-app ads and get access to more app features. This is a stage wherein people would easily enter their details when a Facebook login page was prompted.
This is where the malicious process started. Once people log into their Facebook accounts, the apps receive special settings to steal the data and loaded JavaScript from the Command and Control (C&C) servers to “hijack” people’s entered details. Following this, the stolen data was transferred to the trojan apps and then to the hackers’ C&C servers.
In addition to this, the malicious apps stole cookies from the current authorization session. Here are the apps that were responsible for the bad deed:
– Horoscope Daily
– Processing Photo
– App Lock Keep
– Rubbish Cleaner
– Horoscope Pi
– App Lock Manager
– Lockit Master
– Inwell Fitness
– PiP Photo
It is advised that people should always download apps from trusted developers on the Google Play Store to avoid getting acquainted with malicious ones. People should also look into the reviews and ratings to see if the app is genuine enough to be downloaded.
