25 apps that steal your Facebook credentials
Twenty-five malicious applications were detected by the cybersecurity company Evina on the Play Store. They were caught in the act of stealing Facebook credentials. Google has decided to delete them all.
The computer security company Evina has been quite prolific lately. After discovering the Android Spydden App malware, the French company recently highlighted 25 malicious applications available on the Google Play Store.
These fake apps belonged to a group of hackers and were intended to steal users’ Facebook credentials and then carry out phishing campaigns. With a total of 2.36 million downloads, this operation was far from trivial. To make sure they target as many people as possible, the hackers made sure to vary the genres.
Among the infected applications, there is a step counter, video and image editors, flashlights, Android games, or file managers. This diversity allowed hackers to stay under the radar for a while. While most of these applications were truly functional, any functionality was associated with malicious code responsible for stealing your data. The operating mode is moreover rather insidious.
Indeed, the malware can detect the last application opened. If it is Facebook, the malware takes care of superimposing a false social network connection page on it. The interface is similar, and only a keen eye could see the difference. It only remains for the user to fall into the trap by entering their credentials to connect to the social network. The data entered is sent directly to a remote server belonging to the hackers.
The Evina company communicated its discovery to Google in late May 2020. The Mountain View company deleted all the applications concerned in the process. Besides, Google has notified users who have downloaded these apps via Google Protect. If you have ever installed one of them, do not hesitate to remove it quickly.