Android apps with over 5.8 million downloads caught stealing users’ Facebook passwords
- Most of these trojan apps offered photo editing and app lock features.
- These apps asked users to sign in with Facebook to unlock features and disable in-app advertisements.
- If you used these apps and logged in with your Facebook account, you may want to change your passwords now.
Security firm Doctor Web has published a report identifying 9 trojan apps that offered photo editing and app lock features. All of these apps were found on the Google Play store, amassing nearly 6 million downloads between them.
The report adds that, as of July 1, 2021, when it went live, Google had removed only some of these apps from the Play store.
The PIP Photo app was the most downloaded of these apps, with 5 million downloads of its own.
How did these apps steal Facebook passwords?
All the apps mentioned in the report offered real features, which led unsuspecting users to trust them. They even allowed users to unlock more features and disable in-app advertisements by logging into their Facebook accounts.
These apps exploited the widespread use of Google and Facebook login – something that is offered by many apps and games – to steal passwords of unsuspecting users.
The research firm describes the exploit mechanism below:
“After receiving the necessary settings from one of the C&C servers upon launch, they loaded the legitimate Facebook web page https://www.facebook.com/login.php into WebView.
After the victim logged into their account, the trojans also stole cookies from the current authorization session. Those cookies were also sent to cybercriminals.”
Here are the trojan apps mentioned in the report
If you have any of these apps installed on your phone, you may want to uninstall them:
- PIP Photo
- Processing Photo
- Rubbish Cleaner
- Horoscope Daily
- App Lock Keep
- Lockit Master
- Horoscope Pi
- App Lock Manager
- Inwell Fitness
In case you downloaded these apps and used the Facebook login option, it is recommended that you unauthorize these apps from your Facebook account and change your password.