Google has removed 25 Android apps that stole Facebook credentials. View the list and remove them from your device immediately.
Mobile devices and cell phones are increasingly emerging as powerful productivity machines, but they are also an important backdoor if you do not manage them properly. A recent example was Google removing 25 Android apps from the Google Play Store at the end of June because they were "caught" stealing credentials on Facebook.
These 25 malicious apps were all made by her team (Rio Reader LLC) και παρά την προσφορά διαφορετικών λειτουργιών, υπογείως όλες λειτούργησαν το ίδιο. Προτού τις αντιληφθεί η ασφάλεια της Google και τις καταργήσει, οι 25 εφαρμογές είχαν συνολικά πάνω από 2,34 millions downloads.
According to a report by the French security company Evina, applications are presented as step counters, image editors, video editors, wallpaper applications, lens applications, file managers, and mobile games.
The apps offered a legitimate functionality, but they also contained and malicious κώδικα. Οι ερευνητές της Evina λένε ότι οι εφαρμογές περιείχαν κώδικα που εντοπίζει ποια εφαρμογή άνοιξε πρόσφατα ένας χρήστης μέσα από το προσκήνιο του τηλεφώνου.
If this app was Facebook, the malicious app overlaid the official Facebook app with its own screen and uploaded a fake Facebook login page (see image below: blue line = real Facebook app, black line = phishing page) .
If users entered their credentials on this phishing site, the malicious application would record them and send them to a remote server located in the airshop.pw domain (which does not work now).
Evina said it found the malicious code embedded in 25 apps and reported it to Google in late May. Google after verifying the findings of the French company security, remove dangerous apps. Some of the apps were available on Play Store for more than a year!!!.
The full list of 25 applications, their names and package ID, is listed below. When Google removes malicious applications from the Google Store, it also disables applications on the user's devices and notifies them through the Play Protect service (included in the official Play Store application).