There are malicious Android applications that are stealing the user’s Facebook login details. The latest report from Evina, anti-fraud solutions that provides security to the business. They have written a blog post saying, the 25 applications on play store are stealing the user’s Facebook login credentials in the background. However, ZDNet reported that all the applications are from different genres.
How these apps access Facebook data?
When launching an application on your device. The app generated malware queries with the name of the other application like Facebook. Both the malicious and Facebook application launches at the same time. On the foreground, there will be a browser where the user enters the data while they enter the valid credentials. But the user will not be aware or notified that at the background it executes a javascript query that sends the data to the server through the malicious app. It was identified by the Evina firm.
Mainly the apps were creating a Facebook login page where the user thinks as a valid page. But entering the data can make malicious apps to access social media accounts.
While these malicious apps are simple tools such as flashlights, wallpaper, code scanner, games, and others. However, this was been reported to Google. After that Google, has removed the 25 malicious applications from the play store. But before removing, these apps were available on play store for more than a year. After removing the apps, google also notifies to the user about the apps containing malware as security protection to the user’s data.
The list of 25 apps that were removed by Google
Read More: