Malicious Android Apps “Facebook Credentials Compromiser” downloaded more than 5.9 millions from Google Play Store

Android users are advised to reset their passwords from time to time to avoid their accounts remain compromised for days. Social account security risks increase at the same speed as the tech world achieves a new era in today’s most developing age. Tremendous innovations are there to see that make human life completely change and dependent on devices, applications, and different types of widgets. But the same is also alarming in the perspective of cybersecurity-related issues. We need to be aware all the time before using any sort of technological instrument.

 

Recently nine (9) different malicious android apps are found involved in stealing Facebook user’s credentials. They were doing their job behind the scene, keeping the user in dark about all the stuff.

 

According to a report, a total of 5.9 million users have installed these apps. This means that the same number of users may have been victimized.

Researchers said that

“The advertisements inside some of the apps were indeed present, and this maneuver was intended to further encourage Android device owners to perform the required actions”

 

Following is the list of those malicious android applications. Please check your device if you have any one of these, and uninstall immediately.

1. Processing Photo
2. PIP Photo
3. Rubbish Cleaner
4. Horoscope Daily 
5. App Lock Manager
6. Horoscope Pi 
7. Lockit Master
8. App Lock Keep
9. Inwell Fitness
    

The above applications were programmed in a way that the actual Facebook login page (https://facebook.com/login) is being displayed to the users and it’s the original login page of the Facebook Page. But they were injection some sort of JavaScript code that gets send the user's login information to the attacker’s servers while the user types his/her username and password on the Facebook login form.

 

Researchers found that they were using the below technique to get the user credentials:

 “These trojans used a special mechanism to trick their victims. After receiving the necessary settings from one of the command-and-control servers (C2) upon launch, they loaded the legitimate Facebook web page into WebView. Next, they loaded JavaScript received from the C2 server into the same WebView. This script was directly used to highjack the entered login credentials.”

 

These apps can have access to the user's other data as well. The hacker can easily hack the device session data, cookies, etc.

 

There are have been many incidents and it’s expected to see these in the future as well. We don’t have control over them but we can protect ourselves by accepting the consent of only the trustworthy apps while downloading. Avoid unnecessary downloads. Only allow the apps to access the required stuff on your phone. Use two-factor authentication for all your account. Kill the unnecessary background processes.

 

As we are putting everything on social media nowadays and a single mistake will be enough to destroy our life. So be careful while browsing, sharing, and downloading anything from the internet.

 

Stay protected!