Researchers of the company security ESET εντόπισαν ένα malware that steals Facebook login credentials. The trojan has been disguised as a game on the Android platform and has been downloaded a million times to date.
ESET's Robert Lipovsky reports that the game Cowboy Adventure, but also Jump chess, before being removed from Google Play for stealing Facebook credentials had been downloaded by users of the service, a million times.
Fraudsters had created an apparently legitimate game by copying popular titles, adding malicious code that stole Facebook passwords from websites Phishing which were opened through the malicious games.
Lipovsky Reported that "... although the number of potential victims was a million, there were many of them who had not been deceived by the scam. "
“Our analysis of these malicious games showed that the applications were written in C# and used the Mono Framework.
"THE codeς phishing βρίσκεται μέσα στο TinkerAccountLibrary.dll. Η εφαρμογή επικοινωνεί με το διακομιστή διοίκησης και ελέγχου μέσω HTTPS και η address στην οποία αποστέλλει τα διαπιστευτήρια που συλλέγει, τα φορτώνει στον διακομιστή δυναμικά.”