Thursday, July 7

Google removes apps that stole Facebook passwords | Digital Trends Spanish

The security and privacy of our sensitive information continues to be a primary concern while browsing the web.

Ars Technica points out that Google has already removed nine popular apps from the Play Store after analysts discovered they were Trojans stealing Facebook login details.

According to the information, the malware had more than 5.8 million downloads combined and masqueraded as easy-to-find titles such as “Daily Horoscope” or “Junk Cleaner.”

How did they work?

The applications tricked users by displaying the actual Facebook login page, then loaded JavaScript from a command-and-control server to hijack the credentials and pass them to the application.

They also stole cookies from the authorization session. According to experts, Facebook was the target in each case, but the creators could easily have directed users to other Internet services.

There were five variants among these applications, but all of them used the same JavaScript code and the same configuration file formats to steal the data.
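For analysts triaging decompiled Android apps, the combination described above (a real login page in a WebView, script injected into it, a bridge back to the app, and a cookie read) can be checked statically. The following is an added example, not code from the article or from the removed apps; the signal names, scoring and sample snippets are assumptions constructed for illustration, and it covers only Facebook login URLs although the same check applies to other services.

```python
import re

# Android API patterns for each behaviour the article describes. The pattern
# set and the scoring are assumptions of this example, not a vetted rule set.
SIGNALS = {
    "loads_facebook_login": re.compile(
        r'loadUrl\(\s*"https?://(?:m|www)\.facebook\.com/login', re.I),
    "js_enabled": re.compile(r"setJavaScriptEnabled\(\s*true\s*\)"),
    "script_injection": re.compile(r'evaluateJavascript\(|loadUrl\(\s*"javascript:'),
    "js_bridge_to_app": re.compile(r"addJavascriptInterface\("),
    "reads_cookies": re.compile(r"CookieManager\.getInstance\(\)\.getCookie\("),
}

def triage(source):
    """Return (verdict, matched signal names) for one decompiled source file."""
    hits = sorted(name for name, rx in SIGNALS.items() if rx.search(source))
    login = "loads_facebook_login" in hits
    # Script pushed into the page, or a bridge that lets page script call the app.
    hooks = {"script_injection", "js_bridge_to_app"} & set(hits)
    if login and hooks and "reads_cookies" in hits:
        verdict = "high"      # login page + script hook + session cookie read
    elif login and hooks:
        verdict = "review"    # login page + script hook
    else:
        verdict = "low"
    return verdict, hits

# Constructed samples (not taken from the removed apps).
SUSPECT = '''
WebView w = findViewById(R.id.web);
w.getSettings().setJavaScriptEnabled(true);
w.addJavascriptInterface(new Bridge(), "app");
w.loadUrl("https://m.facebook.com/login");
w.evaluateJavascript(remoteScript, null);
String c = CookieManager.getInstance().getCookie(url);
'''
BENIGN = '''
WebView w = findViewById(R.id.help);
w.getSettings().setJavaScriptEnabled(true);
w.loadUrl("https://example.com/help");
'''

if __name__ == "__main__":
    for label, src in (("suspect", SUSPECT), ("benign", BENIGN)):
        print(label, *triage(src))
```

A "high" or "review" verdict is a prompt for manual analysis, not proof of malice, since individual signals such as enabling JavaScript are common in legitimate apps.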

One of the analysts' main concerns is how these applications could accumulate so many downloads, especially since Google’s automated detection keeps a lot of malware out of the Play Store.

According to an article from Engadget, the subtlety of this technique could have helped rogue apps bypass these defense mechanisms and leave victims unaware that their Facebook data was being stolen.
