• Skip to main content
  • Skip to primary sidebar
  • Skip to footer

SwaCash | Internet Marketing News

Latest Updates on Tech, Internet & Digital World

  • Home
  • Digital Marketing
  • Social Media
  • Technology
  • About
  • Contact Us
You are here: Home / News / Android: apps with 5.8 million downloads used to steal your Facebook passwords

Android: apps with 5.8 million downloads used to steal your Facebook passwords

July 4, 2021 by Amer Bekic

There is a constant struggle to clean the app stores of malware scams that attack users. This time, researchers discovered 9 apps that used a trick to steal Facebook passwords from Android users. The worst part is that these are not niche apps i.e. they have over 5.8 million downloads making the high number of users with their smartphones “engaged” already considerable.

Google has already deleted them after investigators at a security company discovered how criminals operate.

Social engineering to steal Facebook passwords

The scheme was simple from the point of view of gaining the trust of the user. According to the security company behind the discovery, the apps provided fully functional services for photo editing and framing, exercise and training, horoscopes, and deleting junk files from Android devices.

All of the identified apps offered users the option of opting out of in-app ads by logging into their Facebook accounts. Users who chose the option saw a real Facebook login form with fields for entering usernames and passwords.

How easy is the step to have a functional, free and ad-free application? Millions of people have fallen for this simple but effective ruse.

These Trojans used a special mechanism to deceive their victims. After receiving the necessary settings from one of the C&C servers at launch, they loaded the legitimate Facebook webpage https://www.facebook.com/login.php into WebView. They then loaded the JavaScript received from the C&C server into the same WebView.

This script was used directly to hijack the login credentials entered. After that, this JavaScript, using the methods provided via the JavascriptInterface annotation, passed the stolen login and password to the Trojan applications, which then forwarded the data to the attackers’ C&C server.

Once the victim logged into their account, the Trojans also stole the cookies from the current authorization session. These cookies were also sent to cybercriminals.

explained the investigators of the company Dr Web.

Mechanism could be used to steal passwords from any service

According to an expert analysis, all these malicious applications were responsible for stealing the usernames and passwords of Facebook accounts. However, the attackers could easily have changed the settings of the Trojans and ordered them to load the web page of another legitimate service.

In fact, with this mechanism, they could even have used a completely bogus login form located on a phishing site. Thus, Trojans could have been used to steal the usernames and passwords of any service.

Researchers have identified five variants of malware hidden in apps. Three of these were native Android apps, and the other two used Google’s Flutter framework, which was designed for cross-platform compatibility.

The security company said it classifies them all as the same Trojan because they use identical configuration file formats and identical JavaScript code to steal user data.

The variants identified by the company are:

Over 5.8 million downloads of Android apps containing malware

Most of the downloads went to an app called PIP Photo. This one has been downloaded over 5.8 million times. The next most ambitious application was Processing Photo, with over 500,000 downloads.

The other nominations were:

A Google Play search shows that all apps have been removed from the store. A Google spokesperson said the company has also banned the creators of the store’s nine apps, meaning they won’t be allowed to submit new apps.

Google wouldn’t have any other way to deal, even if it’s a soft action, because that’s not what will stop them. They can easily create a new account, with a different name, pay the $25, and try to cheat Google and Android users again. Easy, right?

Be careful if you have downloaded them to your smartphone

Anyone who has downloaded any of the above apps should carefully scan their device and Facebook accounts for any signs of an attack.

If you have possibly installed any of these apps on your Android, immediately remove and change your Facebook password.

Filed Under: News

Primary Sidebar

E-mail Newsletter

More Articles

Three Tweets related to EtherRock sales

Not one not two, Three digital pet rock cliparts sell for $600K each

August 22, 2021 By Amer Bekic

PolyNetwork Hacking Incedence

Hacker who stole $800 Million, now offered a white hat job by its victim firm

August 20, 2021 By Amer Bekic

credit card back panel containing the magnetic stripe

MasterCard announces future without magnetic stripe on the back.

August 17, 2021 By Amer Bekic

Fortune magazine sells its cover art as NFT. Raises 1.3 Million dollars

August 14, 2021 By Amer Bekic

Bored Ape Yacht Club Token 3749

This bored ape pic just sold for 1.29 Million dollars!

August 14, 2021 By Amer Bekic

Footer

Search this site

Recent Articles

  • Not one not two, Three digital pet rock cliparts sell for $600K each
  • Hacker who stole $800 Million, now offered a white hat job by its victim firm
  • MasterCard announces future without magnetic stripe on the back.
  • Fortune magazine sells its cover art as NFT. Raises 1.3 Million dollars
  • This bored ape pic just sold for 1.29 Million dollars!

Browse Topics

  • Blogging (164)
  • Content Marketing (7)
  • Cryptocurrency (5)
  • Digital Marketin (4)
  • Digital Marketing (333)
  • E-commerce (122)
  • Google (195)
  • Google Ads (24)
  • Marketing (166)
  • News (344)
  • Seo (74)
  • Social Media (43)
  • Technology (27)
  • Uncategorized (82)
  • WordPress (22)

Tags

Amazon Android Apple Apple Watch Artificial Intelligence B2B Bitcoin Blogging China Content Content Marketing Coronavirus Cryptocurrency Cybercriminals cybersecurity Digital Digital Marketing Facebook Gaming Google Increase Sales Instagram Intel internet strategy iOS 15 iPhone iPhone 12 IPhone 13 Make Money Marketing Microsoft Nvidia Online Marketing Samsung Science Search engine optimization Seo SEO optimization by content Social Media Social networks Technology TikTok Twitter Windows 11 YouTube

© 2019–2025 · SwaCash.com