Google found 9 malware apps that stole Facebook passwords from Android device users, according to one research of Dr. Web.
Το πιο ανησυχητικό είναι ότι αυτές οι εφαρμογές έχουν κατέβει από το Play Store περισσότερες από 5,8 εκατομμύρια φορές. Οι εφαρμογές φαινόταν κανονικές και έκαναν αυτό που έλεγαν ότι κάνουν, όπως επεξεργασία εικόνων, άσκηση ή education.
Because they contained ads, users had the option to disable them by linking the app to Facebook. Initially, although they loaded the actual page, they redirected users to another page that was very similar to the Facebook login form. The malware intercepted the login credentials and forwarded them to the hackers' command and control server along with the cookies from other authentication sessions.
Investigators security of Dr. Web they said:
Malware analysis showed that all applications had settings for stealing links and passwords from Facebook accounts. However, attackers could easily change the settings to load the website of another legitimate service. They could also use a completely fake login form found on another site (phishing).
In the following list you will see which applications contained malware:
The PIP Photo app had the most downloads (5,8 million). The following are:
- Horoscope Pi: about 1.000 downloads
- Lockit Master about 5.000 downloads
- App Lock Manager: about ten downloads
- Horoscope Daily: about 100.000 downloads
- App Lock Keep: about 50.000 downloads
- Inwell Fitness: about 100.000 downloads
- Rubbish Cleaner: about 100.000 downloads
- Photo Processing: approximately 500.000 downloads
Applications have already been removed from Google Play Store and Google blacklisted the creators of all nine apps, preventing them from submitting new ones. Of course, that doesn't mean anything.
Google should improve the security systems it uses, and stop taking half measures.
