These Android Apps Stole Facebook Passwords To Gain Access To Users' Accounts

Controversies surrounding user data privacy and apps seem to be getting more intense. Apps now collect as much data as possible, and their excuse is always that it is for commercial purposes only. It would be naive to believe that. In any case, all internet users should look after their own privacy. For example, if you use a single password for all your accounts (so that it is easy to remember) and any one of those accounts is hacked, attackers can access all of them. That's why, even if you are very careful when entering your Facebook login and password, ignoring your other accounts leaves a huge risk that your accounts will be attacked.

Well, we have already talked about which apps collect the most user data. Now we are going to talk about a new survey. Researchers found as many as 9 Android apps that included malicious code allowing hackers to steal Facebook passwords.

According to Dr. Web's explanation, those apps look like legitimate apps. For example, they offer basic photo editing features and the like. But the developers of these apps steal Facebook passwords. Google has been informed about this, and these apps are no longer available on the Google Play market.

The reason we talked about the commercial use of user data at the beginning of the article is that the attackers told users they could eliminate ads simply by logging into their Facebook accounts. Those who logged in handed over their passwords on a plate.

How Attackers Stole Facebook Passwords

These trojans used a special mechanism to trick their victims. After receiving the necessary settings from one of the C&C servers upon launch, they loaded the legitimate Facebook web page into a WebView. Next, they loaded JavaScript received from the C&C server into the same WebView. This script was used directly to hijack the entered login credentials. The JavaScript then used the methods exposed through the JavascriptInterface annotation to pass the stolen login and password to the trojan applications, which transferred the data to the attackers’ C&C server. After the victim logged into their account, the trojans also stole cookies from the current authorization session. Those cookies were also sent to the cybercriminals.
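As an added example (not from Dr. Web's report or the original article), the following Python triage heuristic flags decompiled app source that combines the behaviours described above: a JavascriptInterface bridge, a WebView pointed at a Facebook page, and script supplied at runtime. The regex patterns, the constructed sample snippets, and the names `scan_source` and `triage` are assumptions made for illustration.

```python
import re

# Assumed heuristics for decompiled Java/Kotlin source; tune for your decompiler's output.
INDICATORS = {
    # App exposes native methods to page script (the JavascriptInterface bridge).
    "js_bridge": re.compile(r"addJavascriptInterface\s*\(|@JavascriptInterface"),
    # WebView loads a Facebook page the app does not own.
    "third_party_login": re.compile(
        r'loadUrl\s*\(\s*"https?://(?:[\w-]+\.)*facebook\.com[/"]'),
    # Script passed as a variable, not a literal, so it may have been fetched at runtime.
    "dynamic_script": re.compile(
        r'evaluateJavascript\s*\(\s*[A-Za-z_]\w*\s*,|loadUrl\s*\(\s*"javascript:"\s*\+'),
    # App reads session cookies out of the WebView cookie store.
    "cookie_read": re.compile(r"CookieManager\.getInstance\(\)\.getCookie\s*\("),
}
CORE = {"js_bridge", "third_party_login", "dynamic_script"}

def scan_source(source):
    """Return the names of all indicators present in one source file."""
    return {name for name, rx in INDICATORS.items() if rx.search(source)}

def triage(source):
    """'high' = all three core behaviours together; 'review' = partial overlap."""
    hits = scan_source(source)
    if CORE <= hits:
        return "high"
    if "third_party_login" in hits and len(hits) > 1:
        return "review"
    return "low"

# Constructed sample: API calls only, mirroring the sequence described above.
SAMPLE_SUSPECT = '''
view.getSettings().setJavaScriptEnabled(true);
view.addJavascriptInterface(new Bridge(), "bridge");
view.loadUrl("https://www.facebook.com/login.php");
view.evaluateJavascript(scriptFromServer, null);
String cookies = CookieManager.getInstance().getCookie(url);
'''
# Constructed sample: app shows its own help page and runs a literal script.
SAMPLE_BENIGN = '''
help.loadUrl("https://example.com/help");
help.evaluateJavascript("document.title", null);
'''

if __name__ == "__main__":
    for label, src in (("suspect", SAMPLE_SUSPECT), ("benign", SAMPLE_BENIGN)):
        print(label, triage(src), sorted(scan_source(src)))
```

A "review" result is expected for some legitimate apps, so treat the output as a way to prioritise manual analysis, not as a verdict.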

Android Apps Stole Facebook Passwords

So if you have ever downloaded any of the nine apps below, change your Facebook password immediately. Moreover, change the password on every other account that uses the same password as your Facebook account.

  • PIP Photo: more than 5.8 million downloads
  • Processing Photo: more than 500,000 downloads
  • Rubbish Cleaner: more than 100,000 downloads
  • Inwell Fitness: more than 100,000 downloads
  • Horoscope Daily: more than 100,000 downloads
  • App Lock Keep: more than 50,000 downloads
  • Lockit Master: more than 5,000 downloads
  • Horoscope Pi: 1,000 downloads
  • App Lock Manager: 10 downloads

