
In its continuing efforts to pull down Android applications that violate privacy policies, Google has reportedly announced that it has removed nine applications from the Play Store directory. Supposedly, the tech giant took this step after reports surfaced about trojans stealing the login details of users’ Facebook accounts.
Reports suggest these apps were not difficult to find: the malware had more than 5.8 million downloads collectively, and the apps carried easily identifiable titles like "Rubbish Cleaner" and "Horoscope Daily". Apparently, to extract users’ login details, the apps would load the real Facebook sign-in page to trick users into entering their credentials, together with JavaScript from a command-and-control server.
The program would then hijack the credentials and pass them to the app, which took them to the command server, as per reports. Reliable sources claim the trojans were also stealing cookies from the authorization session.
Notably, Facebook was the target in each case; however, the creators of the malware could easily have directed users towards other internet services. Five malware variants were reportedly involved in the mix, but all of them were running the same configuration file formats and JavaScript code.
Google stated that it has banned all these app developers from the store. However, the company further added that it was uncertain about the deterrent effect of the ban as perpetrators were likely to create new developer accounts.
The tech giant would supposedly need to screen for the malware itself in order to prevent attackers from reusing it. The key question seems to be how these apps were able to amass so many downloads before they were removed.
According to reports, the firm’s primarily automated screening typically protects the Play Store against a lot of malware. However, in this case, subtle techniques of these rogue apps might have enabled the malware to slip past these barricades, leaving users unaware that their Facebook credentials had fallen into the wrong hands.
Source credits: https://www.engadget.com/google-removes-android-apps-stealing-facebook-passwords-192721252.html