Her researchers companyς ασφαλείας ESET εντόπισαν ένα κακόβουλο software that steals Facebook login credentials. The trojan has been disguised as a game on the Android platform and has been downloaded a million times to date.
ESET's Robert Lipovsky says the Cowboy Adventure game and Jump Chess before being removed from Google Play for Facebook credentials have been downloaded by users of the service a million times.
Fraudsters had created a seemingly legitimate game by copying popular titles, adding code-stealing malware access of Facebook, from phishing websites that were opened through the malicious games.
Lipovsky Reported that "… although the number of potential victims was one million, there were many who were not deceived by the fraud."
"Our analysis of these malicious games has shown that the applications were written in C # and used the Mono Framework.
"THE codephishing is located inside TinkerAccountLibrary.dll. The application communicates with the command and control server via HTTPS and the address in which it sends the credentials it collects, loads them to the server dynamically.”
