Home Technology These Android apps have been able to steal your Facebook password

These Android apps have been able to steal your Facebook password

5
0

These are the 10 apps that could have stolen your Facebook password.

 

On many occasions, you have surely entered some type of application or service using your Facebook credentials, a procedure that may seem defenseless, but when cybercriminals are involved it can become a real nightmare. Now up to nine applications that have been present on Google Play, have stolen Facebook passwords with this procedure.

According to the malware analysis firm, drweb, up to 10 applications (9 were present on Google Play) have been found to have used Trojans to steal users’ Facebook logins and passwords.

After informing Google, all these applications have already been deleted from the Google Play Store, but since many of them have thousands and thousands of installations, you have likely a few installed on your device.

To trick the user into keeping their Facebook credentials, these malicious apps offered users an option to disable the ads as long as they logged into their Facebook account. Obviously, most users agreed to remove the ads, and they were presented with a Facebook session message requesting their username and password.

Those applications, what they did, was load JavaScript-capable of stealing the user’s login credentials. Subsequently, all this information was sent to the attackers’ servers. The Trojans were equally capable of stealing current authorization session cookies.

This is the list of applications that these Trojans contained, and the number of installations carried out:

  • App Lock Keep: downloaded at least 50,000
  • App Lock Manager: downloaded at least 10,000
  • Horoscope Daily: The app has been installed over 100,000 times
  • Horoscope Pi: has more than 1000 installations
  • Inwell Fitness – a fitness app with over 100,000 installations
  • Lockit Master: downloaded at least 5,000 times
  • PIP Photo – An image editing application that has more than 5 million installs.
  • Processing Photo: a photo editing software installed more than 500,000 times
  • Rubbish Cleaner – An application aimed at optimizing Android performance that has been downloaded more than 100,000 times
  • A tenth application that was discovered was EditorPhotoPip, but it was not available on Google Play.

If unfortunately, you have ever installed any of these applications, we advise you to change your Facebook password as soon as possible because it is likely to be compromised.