H Google κατάργησε 25 Android εφαρμογές που έκλεβαν τα διαπιστευτήρια για το Facebook. Δείτε τη λίστα και κατslowστε τις από την συσκευή σας άμεσα.
Mobile devices and cell phones phones they have an increasing presence as powerful productivity machines, but they are also a major backdoor if not managed properly. The latest example is Google, which at the end of June removed 25 Android applications from the Google Play Store, because they were "caught" stealing Facebook credentials.
These 25 malicious apps were all made by the same team (Rio Reader LLC) and despite offering different features, they all worked the same underground. Before Google security caught on and took them down, the 25 apps had a total of over 2,34 millions downloads.
According to a report by the French security company Evina, apps are featured as step counters, image editors, video editors, wallpaper apps, lens apps, file managers and gamea for mobiles.
The applications offered legitimate functionality, but also contained malicious code. Evina researchers say the apps contained code that identifies which app was recently opened by a user in the foreground of the phone.
If this app was Facebook, the malicious app overlaid the official Facebook app with its own screen and uploaded a fake Facebook login page (see image below: blue line = real Facebook app, black line = phishing page) .
If users entered their credentials on this phishing site, the malicious application would record them and send them to a remote server located in the airshop.pw domain (which does not work now).
Evina said it found the malicious code embedded in 25 apps and reported it to Google in late May. Google after verifying the findings of the French company security, remove dangerous apps. Some of the apps were available on Play Store for more than a year!!!.
The full list of 25 applications, their names and package ID, is listed below. When Google removes malicious applications from the Google Store, it also disables applications on the user's devices and notifies them through the Play Protect service (included in the official Play Store application).
