Beware!! 5.8 Million Times Downloaded Android App Steals Facebook Passwords

https://gbhackers.com/android-app-steals-facebook-passwords/

Now a number of you might be believing, Why? Its convenient to use the very same credentials on several apps and services, as in this case you dont have to remember various qualifications for different services and apps.

It appears that the drastic wave of cyberattacks has not yet appropriately able to teach the users to develop their security habits. As there are many users who still utilize the common and jeopardized qualifications on numerous services and apps.

And here comes the key roleplay of hackers; they primarily target users main social media accounts qualifications, through which they map to hack other accounts using those same credentials.

If we talk about security and personal privacy? Let me clarify that not all the apps are secure, considering that there are many that ask for access to the Facebook account or even in some cases ask the users to put their Facebook credentials.

Security experts of Doctor Web have made a security analysis on these apps, and during their examination, they determined 10 destructive applications on Google Play that have actually taken Facebook credentials of all their users.

. Apps Request Access to Facebook

Use of apps has seen significant heights, because nowadays it is normal to download apps for almost all day-to-day jobs like for online shopping, social networking, e-mail, modifying, banking, etc

New Technique to Steal Facebook Credentials

The operators of these malicious apps simply perform their operation by loading destructive Javascripts that are capable of taking the users Facebook login qualifications.

Once they record the credentials, the destructive script sent out those information to the server managed by the danger stars. And the operators of these apps pack the legitimate Facebook web page “www [] facebook [] com/login [] php” into WebView.

Apart from this, they likewise steal the Facebook credentials by enticing the users, and here, they offer ad-free UI in exchange for access to the Facebook account. As in a lot of cases, users concur with their terms to remove the bothersome ads by connecting their Facebook account.

Not only that, even the professionals have actually also declared that the trojans utilized by the hazard stars provide equivalent capabilities to take existing authorization session cookies.

To take Facebook qualifications the cybercriminals used trojans, and they do so while user creates their profile in apps by connecting their Facebook account.

List of apps

Below we have discussed all the destructive apps with all their key information:-.

And not just that, even they have also recommended the users to immediately change their Facebook login credentials, otherwise their accounts will be abused.

After identifying these apps the security specialist of Doctor Web instantly alerted Google about these apps. So, in terms of reaction, we must say that Google fasted to take action against these destructive apps.

This problem will remain the same for the users who have already set up these apps and utilizing them on their Android devices.

EditorPhotoPip, this is app is gotten rid of by Google from Google Play, and its spotted as Android.PWS.Facebook.15.

Once they catch the credentials, the destructive script sent out those information to the server managed by the danger actors. And the operators of these apps pack the legitimate Facebook web page “www [

App Lock Keep, from Sheralaw Rence with more than 50,000 downloads and discovered as Android.PWS.Facebook.13.

Googles Response & & Recommendation.

Lockit Master, from Enali mchicolo with more than 5,000 downloads and discovered as Android.PWS.Facebook.13.

Horoscope Daily, from HscopeDaily momo with more than 100,000 downloads and discovered as Android.PWS.Facebook.13.

So, in this case, the professionals have actually highly advised all the users to uninstall or get rid of all these harmful apps from their gadgets in case if they set up these applications.

As after getting informed, Google eliminated all these malicious applications from the Google Play Store, but, the fact is that this action would not repair the concern completely.

App Lock Manager, from Implummet col with more than 10,000 downloads and discovered as Android.PWS.Facebook.13.

PIP Photo, from Lillians with more than 5 million downloads and found as Android.PWS.Facebook.17 and Android.PWS.Facebook.18, because it has several versions.

You can follow us on Linkedin, Twitter, Facebook for everyday Cybersecurity and hacking news updates.

Inwell Fitness, from Reuben Germaine with more than 100,000 downloads and spotted as Android.PWS.Facebook.14.

Horoscope Pi, from Talleyr Shauna with more than 1,000 downloads and identified as Android.PWS.Facebook.13.

Rubbish Cleaner, from SNT.rbcl with more than 100,000 downloads and found as Android.PWS.Facebook.13.

Processing Photo, from chikumburahamilton with more than 500,000 downloads, and discovered as Android.PWS.Facebook.13.