Facebook passwords stolen by 25 malicious Android apps: What to do

Facebook passwords stolen past 25 malicious Android apps: What to do

(Paradigm credit: dennizn / Shutterstock.com)

Twenty-v malicious Android apps that were secretly designed to steal Facebook account credentials take been deleted from the Google Play Shop.

According to French information-security house Evina, the apps amassed over two.34 one thousand thousand downloads before they were removed from the Play Store in early June.

The best Android antivirus apps: stay protected on your telephone
All-time VPN: add an extra layer of security with a virtual private network
Just in: TikTok to stop spying on iPhone users after iOS14 exposes huge flaw

In a blog post, Evina's researchers wrote: "This malware could effectively ruin your online and offline life by making off with the credentials of i of your about valued pieces of digital real estate."

The apps also bombarded users with ads and opened new spider web-browser tabs, co-ordinate to aroused user reviews on Google Play that were captured past Evina. It's not clear how many users ended up having their Facebook credentials stolen.

Tricking users

To pull a fast one on Android users into downloading them, the 25 malicious apps masqueraded as games, flashlights, wallpapers, paradigm and video editing software, QR code scanners, step counters and file managers.

While the apps performed these functions, the researchers said the apps could also "cheque if the Facebook app is running in foreground".

If that was the instance, the apps would then attempt to fool users into entering their Facebook credentials into a fake Facebook login page.

"When an awarding is launched on your phone, the malware queries the application name," said the Evina blog postal service. "If it is a Facebook application, the malware will launch a browser that loads Facebook at the aforementioned fourth dimension."

"The browser is displayed in the foreground which makes you think that the application launched information technology."

Playing into hackers' hands

Past performing these actions, users were effectively sending their Facebook credentials directly to hackers -- except they didn't know.

The researchers explained: "When you enter your credentials into this browser, the malware executes JavaScript to retrieve them. The malware then sends your account information to a server."

Evina discovered the malicious apps in May and after reported them to Google. After reviewing the findings, Google went on to remove them at the start of June.

"Downloading unknown or low reviewed apps on the Play Store tin be fraught with danger," Jake Moore, a security specialist at ESET, told Tom's Guide.

"These apps tin crusade damage to a device or fifty-fifty steal credentials such as passwords and ane fourth dimension passwords. I would always suggest users fully research apps before they think of installing them.

He added: "Malware can lurk around on legitimate app stores but they are easier to distinguish class genuine apps equally download numbers will commonly exist low. My advice would be to stick to well-known apps with adept reviews and trusted app stores.

"Furthermore, to protect your social media and other accounts from being hacked, brand sure you lot turn on two gene authentication in case your details are ever compromised."

To that, nosotros'd add that i of the best Android antivirus apps will help protect your telephone from malicious apps such as these, whether they come from Google Play or "off-route" app markets.

Read more than:Today's all-time Android antivirus apps and Android VPNs

Nicholas Fearn is a freelance technology journalist and copywriter from the Welsh valleys. His piece of work has appeared in publications such every bit the FT, the Contained, the Daily Telegraph, The Adjacent Web, T3, Android Central, Figurer Weekly, and many others. He also happens to exist a diehard Mariah Carey fan!