Header Ads

PSA: Google removed 9 popular Android apps that stole Facebook passwords!

Researchers just discovered that Apps with 5.8 million Google Play downloads stole users' Facebook passwords.
PSA: Google removed 9 popular Android apps that stole Facebook passwords!
Sneaky Android apps that steal Facebook passwords (File photo: Facebook log-in)

Trojan apps offering "real" services to steal your credentials

Google has been working to improve its Android security over the past few years. But a new research report shows that the search giant has still a long way to go. It revealed that nine apps with a combined total number of downloads of 5.8M have been stealing users' passwords on Facebook.

According to the researchers from the security firm Doctor Web, these 9 Trojan apps were caught furtively stealing users' Facebook login credentials. They seem harmless, offering real features like photo editing and app lock. 

The apps even allowed users to unlock more features and disable in-app advertisements by logging into their Facebook accounts. The security firm explained further,

The applications were fully functional, which was supposed to weaken the vigilance of potential victims. With that, to access all of the apps' functions and, allegedly, to disable in-app ads, users were prompted to log into their Facebook accounts. The advertisements inside some of the apps were indeed present, and this maneuver was intended to further encourage Android device owners to perform the required actions.

After the victim logged into his/her account, the trojans will steal cookies from the current authorization session. Those cookies were sent to cybercriminals.

Below is the list of Android apps that are said to be stealing Facebook passwords:

  • PIP Photo
  • Processing Photo
  • Rubbish Cleaner
  • Horoscope Daily
  • App Lock Keep
  • Lockit Master
  • Horoscope Pi
  • App Lock Manager
  • Inwell Fitness

As of writing, the source mentioned that Google has already removed all of these apps from the Play Store. In addition to this, the search giant has allegedly banned the developers of these apps. This means they cannot submit any new apps permanently.

Just in case you already downloaded these apps and used the Facebook login option, it is highly suggested to unauthorize these apps from your Facebook account and change your password immediately.

Source: Dr. Web, Via: Business Insider
Powered by Blogger.