Is your personal information okay?
Malicious code was found in nine android apps on the Google Play store.
According to Russian antivirus software developer Dr. Web, the code is for stealing Facebook login information. The total number of downloads of the app has reached more than 5.8 million times, but it has already been deleted from the store.
In addition, Dr. Web malware analysts said the app offered services such as photo editing, storage cleaning, fitness, and horoscopes, and looked just right, news site Ars Technica reports. But it’s all a trap to steal your Facebook password and username.
What kind of method was it stolen by? Now, let’s look at the specific procedure.
When you first download the app, users will be required to log in to their Facebook account with the excuse of accessing all services in the app and removing ads. Account linkage is common in other apps, so few people should have any doubts. And if you accept this, the app will load the official login page and the information (username and password) entered on the page will be sent to hackers through special coding.
Dr.Web researchers are pretty clever about this. The app receives basic settings from the hackers’ servers at startup and displays the official Facebook page in its built-in browser. In addition, it loads the Java Script received from the server into the same browser.
In this way, hackers first steal login information. From there, the Java Script I mentioned earlier sends the information to the app and sends it to the hackers’ servers. Furthermore, after logging in, cookie information was stolen through an authentication session and sent to other cybercriminals.
Analysts have discovered 10 malicious apps so far. About 9 of them were available on the Google Play store. Among them, the ones disguised as image editing apps are the most downloaded, with “PIP Photo” over 5 million and “Processing Photo” over 500,000. In addition, more than 100,000 of each of the other three image editing apps have been downloaded.
Apps that have been found to be fraudulent If you have downloaded any of the following apps, update your Facebook information (password, etc.) immediately to see if there is any fraudulent activity on your other account. ..
-Processing Photo
-PIP Photo
-Rubbish Cleaner
-App Lock Keep
-App Lock Manager
-Lockit Master
-Horoscope Pi
-Horoscope Daily
-Inwell Fitness
Nine apps that have been found to be fraudulent have already been removed from the Google Play store. According to a Google spokeswoman, the app developer’s access rights have also been deprived, so new apps cannot be submitted in the future.
Also Read : Qualcomm Promises a chip That Can Rival Apple’s M1
Google Docs is an internet-based application that allows users to easily create, edit, and collaborate…
The battle for artificial intelligence is underway in cybersecurity. Between cyberattackers and defenders in organizations,…
Remember the prehistoric days of battling other fans over the last team slab of plastic…
The popularity of ebooks has grown exponentially over the past few years, with the online…
National Information Systems Security Agency created a "crisis pilot" role motivated by the increasing complexity…
Poor management can become the beginning of the end of your business. To ensure business…