H Google removed 25 Android apps that were stealing Facebook credentials. See the list and remove them from your device immediately.
Mobile devices and cell phones phones they have an increasing presence as powerful productivity machines, but they are also a major backdoor if not managed properly. The latest example is Google, which at the end of June removed 25 Android applications from the Google Play Store, because they were "caught" stealing Facebook credentials.
These 25 malicious applications were all built by the same team (Rio Reader LLC) and despite offering different functions, they all worked the same underground. Before being recognized by Google Security and removed, the 25 apps had a total of over 2,34 million downloads.
According to a report by the French security company Evina, applications are presented as step counters, image editors, video editors, wallpaper applications, lens applications, file managers, and mobile games.
Οι εφαρμογές προσέφεραν μια νόμιμη λειτουργικότητα, αλλά περιείχαν επίσης και κακόβουλο κώδικα. Οι researchers της Evina λένε ότι οι εφαρμογές περιείχαν κώδικα που εντοπίζει ποια εφαρμογή άνοιξε recently a user through the phone foreground.
If that app was Facebook, the malicious app would overlay a screen of its own on the official Facebook app and load a fake Facebook login page (see image below: blue line = real Facebook app, black line = phishing page).
If users entered their credentials on this phishing site, the malicious application would record them and send them to a remote server located in the airshop.pw domain (which does not work now).
Evina said she found the malware embedded in 25 applications and reported it to Google in late May. Google has removed the dangerous applications after verifying the findings of the French security company. Some of the applications were available in the Play Store for more than a year !!!.
The full list of 25 applications, their names and package ID, is listed below. When Google removes malicious applications from the Google Store, it also disables applications on the user's devices and notifies them through the Play Protect service (included in the official Play Store application).
