Google has removed nine popular Android apps from the Play Store after they were caught stealing Facebook login details. The apps were stealing users' data using identical JavaScript code.
All nine applications provided legal services and were downloaded more than 5.8 million times. Security researchers at Dr. Web These malicious applications have used a mechanism to trick users into giving out their Facebook IDs and passwords.
The apps lured users to disable in-app ads by adding their Facebook profiles. When a user links their FB account, they see a form asking to enter their Facebook username and password.
The model looks original, so users fall into their trap. Once you enter the credentials, the page loads into the Android WebView, which is legitimate.
Researchers discovered that hackers loaded malicious JavaScript into the same WebView, to steal data
Web researchers say,
This script was used directly to hack the entered login credentials. Then, using the methods provided through the JavascriptInterface annotation. Pass the stolen JavaScript login and password to Trojan apps.
Which then transmits the data to the attackers' command and control server. After the victim logs in to their account. Trojans also steal cookies from the current authorization session. These cookies are also sent to cybercriminals."
Identify five different types of malware in applications. Of those, three were Android apps, and the other two used the Google Flutter framework. They are all classified as the same Trojan because they used similar configuration file formats and JavaScript code.
Immediately delete this apps from your phone
- PIP Photo (5,000,000+ downloads)
- Processing Photo (500,000+ downloads)
- Rubbish Cleaner (100,000+ downloads)
- Inwell Fitness (100,000+ downloads)
- Horoscope Daily (100,000+ downloads)
- App Lock Keep (50,000+ downloads)
- Lockit Master (5,000+ downloads)
- Horoscope Pi (1,000 downloads)
- App Lock manager (10 downloads)
All of these apps are removed from the store, and app publishers are also banned, so they can't publish new apps. If you have installed any app from the list then uninstall it now. Do not forget to share the article with your friends to benefit from it
You may also be interested in How to download and save TikTok videos without a logo
Our website's tag: #Free_courses #Marketing #Learn #Technology #Profit FromYoutube #Visitors #Profit From CPA #Earn #self_development #money #profit from the Internet #technology #phone #software #applications #applications #e-commerce #free-courses