Google removes nine apps for stealing Facebook password
2021-07-06 00:21:42 BdST
2021-09-16 22:28:57 BdST
Live Correspondent: Google has removed apps with 5.8 million downloads from the Play Store that were stealing users’ Facebook login details. Google has banned the developers of all nine apps from the store, meaning they will not be allowed to submit new apps.
The malware apps offered useful services like photo editing and framing, exercise and training, horoscopes, and removal of unwanted files from Android devices. These malicious apps got their way around users' Facebook credentials by offering an option to disable in-app ads if they logged in from their Facebook accounts.
According to a post published by a security firm, Dr. Web users who chose the option saw a Facebook login form that required them to fill in their usernames and passwords. The security firm further analyzed the malicious programs to find that the apps received settings for stealing logins and passwords of Facebook accounts.
The apps tricked users by loading into the Facebook sign-in page to steal their login details and to pass them along to the app. The report noted that the malware would also steal cookies from the authorization session. In each case, Facebook was targeted, but the creators could have also taken advantage of other legitimate internet services by using fake logins on a phishing site.
These Android apps included Rubbish Cleaner, Inkwell Fitness, Horoscope Daily which nearly had 1 Lakh downloads each, App Lock Keep, Lockit Master with 50,000 downloads each. Horoscope Pi with 1000 downloads and App Lock Manager with 10 downloads.
Dhaka, 05 July (campuslive24.com)//BSC