It seems that the drastic wave of cyberattacks has not yet properly able to teach the users to develop their security habits. As there are many users who still use the common and compromised credentials on several services and apps.
Now many of you might be thinking, Why? It’s convenient to use the same credentials on multiple apps and services, as in this case you don’t have to remember different credentials for different services and apps.
And here comes the key roleplay of hackers; they mainly target users’ primary social network accounts credentials, through which they map to hack other accounts using those same credentials.
Usage of apps has seen dramatic heights, since nowadays it is normal to download apps for almost all daily tasks like for online shopping, social networking, email, editing, banking, etc.
Security analysts of Doctor Web have made a security analysis on these apps, and during their investigation, they identified 10 malicious applications on Google Play that have stolen Facebook credentials of all their users.
But, if we talk about security and privacy? Then let me clarify that not all the apps are secure, since there are many that ask for access to the Facebook account or even in some cases ask the users to put their Facebook credentials.
To steal Facebook credentials the cybercriminals used trojans, and they do so while user creates their profile in apps by linking their Facebook account.
Apart from this, they also steal the Facebook credentials by luring the users, and here, they offer ad-free UI in exchange for access to the Facebook account. As in most cases, users agree with their terms to remove the annoying ads by linking their Facebook account.
The operators of these malicious apps simply execute their operation by loading malicious Javascripts that are capable of stealing the users’ Facebook login credentials.
Once they capture the credentials, the malicious script sent those details to the server controlled by the threat actors. And the operators of these apps load the legitimate Facebook web page “www[.]facebook[.]com/login[.]php” into WebView.
Not only that, even the experts have also claimed that the trojans used by the threat actors offer equal abilities to steal current authorization session cookies.
Below we have mentioned all the malicious apps with all their key details:-
After identifying these apps the security expert of Doctor Web immediately notified Google about these apps. So, in terms of response, we must say that Google was quick to take action against these malicious apps.
As after getting notified, Google removed all these malicious applications from the Google Play Store, but, the fact is that this action would not fix the issue completely.
This problem will remain the same for the users who have already installed these apps and using them on their Android devices.
So, in this case, the experts have strongly recommended all the users to uninstall or remove all these malicious apps from their devices in case if they installed these applications.
And not only that, even they have also recommended the users to immediately change their Facebook login credentials, or else their accounts will be abused.
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.
The Evasive Panda group deployed a new C# framework named CloudScout to target a Taiwanese…
Researchers warn of ongoing spear-phishing attacks by Russian threat actor Midnight Blizzard targeting individuals in…
The Ukrainian Cyber Emergency Response Team discovered a targeted phishing campaign launched by UAC-0215 against…
Researchers have identified a network of compromised devices, CovertNetwork-1658, used by Chinese threat actors to…
A security researcher discovered a vulnerability in Windows theme files in the previous year, which…
The ongoing Meta malvertising campaign, active for over a month, employs an evolving strategy to…