Google removes 25 apps after they have been caught stealing login details from Facebook

Article Edited by | Jhon N |


Cybersecurity firm Evina reported these applications to Google and managed to reverse-engineer the malware that enabled us to protect end-users against it.

These apps were mostly offered services such as file managers, wallpaper management, weather and screenshot editor. These apps came with a malware that used to steal your login details on your phone when you launched them.

Explaining how these malicious apps work, Evina said in her blog post, "When an application is started on your phone, the name of the application is queried by the malware. If it is a Facebook application, a browser that loads Facebook at the same time will launch the malware.

The browser is displayed in the foreground, which makes you think it was launched by the application. When you enter your credentials in this browser, the malware will execute java-script to get them. The malware then sends information regarding your account to a server.

"It's a fraudulent technique that highlights the danger and reflects the importance of protecting yourself. When it's launched, Facebook can not identify it as the malware displays in front of the legit app, "said Lionel Ferri, CTO, Evina.

Recently, after being caught collecting sensitive user data, Google has removed at least 106 Chrome extensions which were identified as a threat to user privacy.

Cyber security firm Awake Security had identified 111 Chrome extensions and alerted Google about the same and Google took down 106 out of those 111 extensions.

These extensions reportedly posed as tools for enhancing web searches and had the ability to take screenshots, read the clipboard, harvest authentication cookies or grab user keystrokes to read passwords and other confidential data.