Google recently took down nine applications from the Google Play Store after security researchers at Dr. Web (first reported by Ars Technica) found these malicious apps using a special mechanism to trick users into handing over their Facebook credentials.

The apps reportedly offered to disable in-app advertisements if users linked their Facebook profile to the app. An actual form then popped up where users could enter their Facebook details, but malicious JavaScript code would capture the usernames and passwords.

“This script was directly used to hijack the entered login credentials. After that, this JavaScript, using the methods provided through the JavascriptInterface annotation, passed stolen login and password to the trojan applications, which then transferred the data to the attackers’ C&C server. After the victim logged into their account, the trojans also stole cookies from the current authorization session. Those cookies were also sent to cybercriminals,” said the researchers at Dr. Web.
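
A static triage heuristic for the mechanism the researchers describe, added here as an example (it is not code from Dr. Web, Google or this article): it scans decompiled Java source for a WebView JavaScript bridge combined with script injection and session-cookie access. The indicator grouping, the verdict levels and both sample snippets are assumptions constructed for illustration.

```python
import re

# Real Android SDK call names; the grouping and verdict levels are assumptions
# made for this example, not Dr. Web's detection logic.
INDICATORS = {
    "js_enabled": re.compile(r"\.setJavaScriptEnabled\(\s*true\s*\)"),
    "js_bridge": re.compile(r"\.addJavascriptInterface\("),
    "bridge_method": re.compile(r"@JavascriptInterface"),
    "script_injection": re.compile(r'\.(?:loadUrl\(\s*"javascript:|evaluateJavascript\()'),
    "cookie_read": re.compile(r"CookieManager\b[^;]*\.getCookie\("),
}

def triage(source: str) -> dict:
    """Report which indicators occur in decompiled Java source, with line numbers."""
    hits = {name: [] for name in INDICATORS}
    for lineno, line in enumerate(source.splitlines(), start=1):
        for name, pattern in INDICATORS.items():
            if pattern.search(line):
                hits[name].append(lineno)
    found = {name for name, lines in hits.items() if lines}
    # A page-to-app bridge needs all three pieces to carry form data out of the page.
    bridge = {"js_enabled", "js_bridge", "bridge_method"} <= found
    extras = found & {"script_injection", "cookie_read"}
    if bridge and len(extras) == 2:
        verdict = "high"      # bridge + injected script + session cookie access
    elif bridge and extras:
        verdict = "review"
    else:
        verdict = "low"
    return {"verdict": verdict, "hits": {k: v for k, v in hits.items() if v}}

# Constructed samples (not taken from the removed apps).
SUSPECT_SAMPLE = """
view.getSettings().setJavaScriptEnabled(true);
view.addJavascriptInterface(new Bridge(), "bridge");
view.loadUrl("javascript:" + script);
String c = CookieManager.getInstance().getCookie(url);
class Bridge {
    @JavascriptInterface
    public void onForm(String a, String b) { }
}
"""
BENIGN_SAMPLE = """
view.getSettings().setJavaScriptEnabled(true);
view.loadUrl("https://example.com/help");
"""

if __name__ == "__main__":
    for label, src in (("suspect", SUSPECT_SAMPLE), ("benign", BENIGN_SAMPLE)):
        print(label, triage(src))
```

Legitimate hybrid apps use the same APIs, so a "high" verdict is a prompt for manual review of what the bridge methods do with their arguments, not proof of credential theft.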

Which are the nine apps that were taken down?

Here is a list of the nine applications that were taken down from the Play Store after the discovery. Google has also banned the developers behind these applications from publishing any new apps.

PIP Photo (5,000,000+ downloads)
Processing Photo (500,000+ downloads)
Rubbish Cleaner (100,000+ downloads)
Inwell Fitness (100,000+ downloads)
Horoscope Daily (100,000+ downloads)
App Lock Keep (50,000+ downloads)
Lockit Master (5,000+ downloads)
Horoscope Pi (1,000 downloads)
App Lock manager (10 downloads)

What can you do right now?

If you had any of the above apps installed, now is a great time to get rid of the application(s) and change your Facebook password. Also make sure that you have two-factor authentication enabled on your Facebook account so that nobody can log in remotely without you finding out.

