Researchers from security firm ESET have identified a malware that steals Facebook login credentials. The trojan is disguised as a game of its platform Android and has come down a million times to date.
ESET's Robert Lipovsky reports that Cowboy Adventure and Jump Chess, before being removed from Google Play for stealing Facebook credentials, were downloaded by its users services, a million times.
Fraudsters had created a seemingly legitimate game by copying popular titles, adding malicious code που υπέκλεπτε κωδικούς πρόσβασης του Facebοok, από ιστοσελίδες Phishing which were opened through the malicious games.
Lipovsky Reported that "… although the number of potential victims was one million, there were many who were not deceived by the fraud."
"Our analysis of these malicious games has shown that the applications were written in C # and used the Mono Framework.
“The phishing code is inside TinkerAccountLibrary.dll. The application communicates with the command and control server via HTTPS and the address in which it sends the credentials it collects, loads them to the server dynamically.”
