Google removes apps that steal Facebook passwords

The security and privacy of our sensitive information continues to be a major concern when browsing the web.

Ars Technica refers to it Google After researchers discovered that Trojans were stealing Facebook login details, nine popular apps were removed from the Play Store.

According to reports, more than 5.8 million downloads of the malware have been linked and hidden under easy-to-find topics such as the Daily Horoscope or Junk Cleaner.

How did they work?

Applications are a command that displays users the actual Facebook login page and sends credentials to the application only to load JavaScript from the control server.

They stole Cookies Authorization Session. According to experts, Facebook was the target in every case, but the creators could have easily guided users to other web services.

There were five types of these applications, but they each used the same JavaScript code and the same configuration file formats to steal data.

One of the main concerns of researchers is how these apps were able to add multiple downloads, as Google’s automatic detection keeps a lot of malware out of the Play Store.

Accordingly An article from Engadget, The subtlety of this technique may have helped Applications Avoiding these security measures is wrong and leaves victims unaware that their Facebook data has been stolen.

Author’s recommendations




See also  A new feature that WhatsApp is testing to light the fire of contacts

Misty Tate

"Freelance twitter advocate. Hardcore food nerd. Avid writer. Infuriatingly humble problem solver."

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top