These Android apps only want to steal your Facebook login details
25 malicious apps that stole Facebook credentials have been removed from the Play Store
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Googlehas removed 25 Android apps from theGoogle Play Storeafter it was discovered that they were stealing users' Facebook credentials.
The malicious apps, which were collectively downloaded more than 2.34m times, were all created by the same developer. While the apps appeared to be different from one another, they all shared the same code that enabled them to harvest the credentials ofFacebookusers.
The French cybersecurity firm Evina was the first to discover these apps and the company reported its findings to Google. The apps themselves posed as legitimate applications including step counters, image editors, video editors, wallpaper apps, flashlight apps, file managers and mobile games.
Stealing Facebook credentials
In ablog post, Evina provided more details on how these malicious apps stole users' Facebook credentials, saying:
“When an application is launched on your phone, the malware queries the application name. If it is a Facebook application, the malware will launch a browser that loads Facebook at the same time. The browser is displayed in the foreground which makes you think that the application launched it. When you enter your credentials into this browser, the malware executes java script to retrieve them. The malware then sends your account information to a server.”
Evina discovered these 25malicious appsfrom the developer Rio Reader LLC and reported them to Google at the end of May. After verifying the firm’s findings, Google removed the apps from thePlay Storeearlier this month.
However, some of the apps were available on the Play Store for more than a year before they were removed which means that the developers were able to steal the credentials of many Facebook users before their operation was shut down.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
ViaZDNet
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.
This new malware utilizes a rare programming language to evade traditional detection methods
A new form of macOS malware is being used by devious North Korean hackers
Arcane season 2 confirms the hit series isn’t just one of the best Netflix shows ever made – it’s an animated legend that’ll stand the test of time
