Google Play Removes 25 Apps Caught Stealing Facebook Credentials
Google has been forced to remove apps from its Play Store after their true malicious functions were discovered. In this instance, 25 applications that were collectively downloaded over 2.34 million times were stealing Facebook credentials. French Cybersecurity firm Evina discovered the apps, which were removed from the Play Store in early June. The programs were disguised as games, flashlights, wallpapers, editing software, QR scanners, step counters, file managers, and more, and while most did perform their intended functions, they also carried out malicious acts.
According to Evina, as soon as the person launched the contentious app on their smartphone, the malicious app detected what app a person lately opened and had within the telephone’s foreground. “If it is a Facebook application, the malware will launch a browser that loads Facebook at the same time. The browser is displayed in the foreground which makes you think that the application launched it,” the cyber-security agency explains.
Once the person put their Facebook login particulars on the phishing web page (which incorporates a black bar as a substitute of a blue bar of the unique Facebook app), the malicious then despatched the credentials to a distant server. This may probably permit attackers to entry all information saved on the Facebook account and even permit them to entry different web sites the place customers’ have logged in through their Facebook account.
They seemed legitimate in terms of functionality. However, hackers had inserted malicious code into them, which were used to detect a user’s recent activity, the report said. The app targeted the user’s social media account by overlaying a web browser on top of the official Facebook app, and presenting a fake Facebook login. The app would thus steal the user’s Facebook credentials with the fake login.
The full list of 25 apps, their names, and package ID, are listed below. When Google removes malicious apps from the Google Store, the company also disables the apps on a user’s devices and notifies users via the Play Protect service included with the official Play Store app.
The malicious apps were identified by Evina in May and reported to Google soon after. It remains unclear how many people had their Facebook credentials stolen, or how the apps evaded Google’s checks and made their way onto the Play Store.