Google Play eliminated these nine apps that stole Facebook passwords from their users


 

Analysis by the team of cybersecurity specialists at Dr. Web Anti Virus found Trojans in nine applications that have now been removed from the Play Store.


Several apps were downloaded millions of times from the Play Store, through which their developers obtained the user's Facebook access data.


The apps pretend to be general utility programs, from photo editing to device cleaning, and there's even a horoscope app. The apps are the following:

  • Processing Photo that was downloaded more than 500,000 times

  • App Lock Keep that was downloaded 50,000 times

  • App Lock Manager which was downloaded 10 times

  • Lockit Master that was downloaded 5,000 times

  • Rubbish Cleaner that was downloaded over 100,000 times

  • Horoscope Daily that was downloaded over 100,000 times

  • Inwell Fitness, which was downloaded more than 100,000 times

PIP Photo, by far the most popular on the list, accumulating more than five million times

Ars Technica retains that the applications provided users with the option to access their Facebook account from each app as a way to remove their ads. However, the credentials were hijacked through a javascript and also the cookies of the initiated session.


Google, in addition to eliminating the apps, ensures that it has banned its developers. The recommendation to users who have downloaded any of the apps is to immediately change their password and be attentive to any indication of possible unauthorized access.

Tags:

10 views0 comments

Recent Posts

See All