Discovered 25 Android apps that were stealing users' Facebook login credentials. Here's how they worked and what they are
There was a little bit of everything, from solitaire games to wallpapers and flashlights, among the 25 dangerous apps discovered by French cybersecurity firm Evina and removed from the Play Store by Google. These apps, however, had already been downloaded 2.34 million times before removal.
This is yet another security hole in Google's Play Store prevention systems. A hole, by the way, particularly serious because these 25 apps were all infected with the same malware, which was trying to steal users' Facebook account login credentials. So these were not spy apps or apps that played with permissions and authorizations, but real infected apps. Apps that Google should be able to find in the blink of an eye, but that were once again found in the Play Store by an external company.
How the infected apps worked
The 25 apps appeared normal and safe to the user, because they did what they promised. At the same time, however, they installed a virus on the device that could figure out which apps the user had used recently and which ones were running in the background on the smartphone. Whenever the virus figured out that the app in use was Facebook, however, it went into action by opening a browser window containing a fake page for logging in to the social network. The user believed that it was necessary to re-enter his data to access Facebook (an app that he had actually opened and that had been put into the background by the virus) and often did so. I dati dell’account venivano così spediti al server di controllo del malware, mentre la finestra del browser veniva chiusa e l’utente poteva accedere normalmente all’app di Facebook (quella vera).
App che rubano il profilo Facebook: quali sono
Queste app in totale erano 25 e ora sono state rimosse dal Play Store. Ecco i loro nomi:
- Super Wallpapers Flashlight,
- Padenatef,
- Wallpaper Level,
- Contour level wallpaper,
- iPlayer & iWallPaper,
- Video Maker,
- Color Wallpapers,
- Pedometer,
- Powerful Flashlight,
- Super Bright Flashlight,
- Super Flashlight,
- Solitaire Game,
- Accurate snanning of QR Code,
- Classic card game,
- Junk File Cleaning,
- Synthetic Z,
- File Manager,
- Composite Z,
- Screenshot Capture,
- Daily Horoscope Wallpapers,
- Wuxia Reader,
- Plus Wheater,
- Anime Live Wallpaper,
- iHealth Step Counter,
- com.tqyapp.fiction.
Come difendersi dalle app pericolose
I sistemi di protezione del Google Play Store non sono molto efficaci, come dimostrano le centinaia di app pericolose scoperte negli ultimi mesi. Ciò vuol dire che deve essere l’utente ad aumentare il proprio livello di sicurezza, partendo dall’installazione di un buon antivirus, fino all’analisi delle recensioni e della software house che l’ha sviluppato.