Researchers from Dr. Web discovered nine apps that had more than 5.8 million combined downloads. They were stealing Facebook passwords by using genuine Facebook login pages. Google has removed the nine apps and banned the developer. However, if you have downloaded any of the apps, it is time to change your passwords.

How did these apps get the data?

The researchers at Dr. Web claim that chikumburahamilton was the developer of these apps. He created them for photo editing and exercising as well as junk cleaning. After a certain point, these apps would prompt users to log in with Facebook to unlock all the functionality.

When users did this, the app contacted its own C&C server. This is a command-and-control server that the developer uses to copy and store data from a webpage. After receiving its settings from the C&C server, the app loaded the authentic Facebook login page.

The app then loaded JavaScript from the C&C server into the Facebook login page. (JavaScript code can be run at any time, even when a user taps on a field.) The JavaScript code was used to capture the username and password.

The JavaScript passed the copied data on to the app, which then passed it to the C&C server, where it was saved. After the user logged in, the JavaScript also stole cookies from the current session. These were then sent to the cybercriminals.

The apps used Facebook's authentic login page in this case.
However, JavaScript and C&C servers are so flexible that they could do this with any service that requires you to log in.

What can you do?

First, check whether you are using one of these apps: PIP Photo, Processing Photo, Rubbish Cleaner, Inwell Fitness, Horoscope Daily, App Lock Keep, Lockit Master, Pi, App Lock Manager.

If you have any of them installed, you must uninstall it.

If you have used Facebook to log in, you will need to reset the password immediately.

Keep your eyes open for suspicious code. To detect malicious code in apps, use Malwarebytes, a trusted antivirus program. Avoid connecting third-party apps from the Play Store to Facebook. Because of the Play Store's structure (a developer license costs only $25), it is trivial for developers to resubmit apps after an app has been taken down.

Finally, enable two-factor authentication on any site that allows it and pair it with a password manager. This will allow you to securely generate long passwords and keep them safe. Even if your password is revealed by a website leak, two-factor authentication will keep hackers away.

[Ars Technica]
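
For anyone triaging a decompiled Android app for the flow described under "How did these apps get the data?", the following added example (not code from the article or from Dr. Web) ranks source files in which a WebView both injects script into a page and exposes a bridge back to the app. It assumes the standard Android WebView calls named in the comments, which the article does not specify, and the sample sources are constructed.

```python
import re

# Standard Android WebView calls that together match the flow described above.
# Assumption: the article does not name the APIs the apps used.
INDICATORS = {
    "js_enabled": re.compile(r'\.setJavaScriptEnabled\(\s*true\s*\)'),
    "js_bridge": re.compile(r'\.addJavascriptInterface\('),  # page script -> app
    "script_injected": re.compile(r'\.evaluateJavascript\(|\.loadUrl\(\s*"javascript:'),
    "script_not_literal": re.compile(r'\.evaluateJavascript\(\s*[A-Za-z_]'),  # set at run time
    "cookie_read": re.compile(r'CookieManager\b[^;]*\.getCookie\('),
}

def scan_source(text):
    """Return the set of indicator names found in one decompiled source file."""
    return {name for name, rx in INDICATORS.items() if rx.search(text)}

def verdict(hits):
    """Injection plus a bridge is the core pattern; the other hits raise priority."""
    if not {"js_bridge", "script_injected"} <= hits:
        return "low"
    if hits & {"script_not_literal", "cookie_read"}:
        return "high"
    return "review"

def triage(sources):
    """Map each file name to (verdict, sorted indicator names)."""
    out = {}
    for name, text in sources.items():
        hits = scan_source(text)
        out[name] = (verdict(hits), sorted(hits))
    return out

# Constructed sample input (not taken from any real app).
SAMPLES = {
    "LoginActivity.java": '''
        web.getSettings().setJavaScriptEnabled(true);
        web.addJavascriptInterface(new Bridge(), "bridge");
        web.loadUrl(settings.loginUrl);
        web.evaluateJavascript(settings.script, null);
        String c = CookieManager.getInstance().getCookie(settings.loginUrl);
    ''',
    "HelpActivity.java": '''
        web.getSettings().setJavaScriptEnabled(true);
        web.loadUrl("https://example.com/help");
    ''',
}

if __name__ == "__main__":
    for name, (rank, hits) in triage(SAMPLES).items():
        print(f"{name}: {rank} {hits}")
```

A "high" or "review" result is a reason to read the file by hand, not proof of credential theft: legitimate hybrid apps also use these calls.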