https://safirsoft.com Google checks Google Play apps to steal users' Facebook passwords

Researchers have discovered nine programs that use a peek to validate their authenticity. Google says it launched a sneak peek at nine Android apps that have been downloaded more than 5.8 million times from the company's Play Store after researchers said they were using stealth to steal. Facebook user login credentials.

According to a publication by the security company, the apps provide users confidence and reduce their care, are fully functional photo editing and framing services, practice and training, write with fortune, and remove junk files from Android devices. Dr.Web Company All detected software allows users to disable in-app ads by logging into their Facebook accounts. Users who select this option see a real Facebook login form that includes fields for entering usernames and passwords.

Next, as Dr. Webb researchers wrote:

These trojans used a special mechanism to deceive their victims after receiving the necessary settings from one of the command and control servers upon startup. Legal webpage https://www.facebook.com/login.php Facebook has been uploaded to the WebView. Then, they load the JavaScript received from the C&C server into the WebView itself. This script was directly used to steal login information. The JavaScript then transmitted the stolen login and password to the Trojan application, using methods provided by the JavascriptInterface annotation, and then transmitted the data to the attackers' command and control server. After the victim logged into their account, the Trojans also stole cookies from the current licensing session. These cookies are also sent to cybercriminals.

Malware analysis revealed that they all received login and login settings for Facebook accounts. However, attackers can easily change the settings of the Trojan and instruct them to download another legitimate service web page. They could even use a completely fake login form on a phishing site. Therefore, Trojans can be used to steal logins and passwords from any service.

https://safirsoft.com Google scans Google Play programs to steal users' Facebook passwords Zoom Dr. Web

Researchers have identified five types of malware found within applications. Three of them were native Android apps, and the other two used Google's Flutter framework, designed for cross-platform compatibility. Dr. categorizes them. Webb are all labeled Trojans because they use the same configuration file formats and the same JavaScript code to steal user information.

Advertising

Dr. Web of different types such as: Android.PWS.Facebook.13 Android.PWS.Facebook.14 Android.PWS.Facebook.15 Android.PWS.Facebook.17 Android. PWS.Facebook.18

The majority of downloads have been for an app called PIP Photo, which has been accessed over 5.8 million times. The program with the second most accessible image processing has had more than 500,000 downloads. The remaining apps are: App Lock Manager: 10 Downloads

A search in Google Play indicates that all apps have been removed from Play. A Google spokesperson said the company has also banned developers of all nine apps from the Store, which means they won't be allowed to release new apps. This is a decent thing to do, and it should end there. It is still a small hurdle for developers, as they can easily sign up for a new developer account under a different name for $25.

Anyone who has downloaded one of the above apps should thoroughly scan their devices and Facebook accounts for signs of hacking. Downloading a free Android antivirus from a reputable security company and scanning for additional malware is not a bad idea. My suggestion from Malwarebytes is my favorite.

Google checks Google Play apps to steal users' Facebook passwords
google-checks-google-play-apps-to-steal-users-facebook.html

https://safirsoft.com Vaccines, reopening and worker rebellion: The great technological row is back in office

Vaccines, reopening and worker rebellion: The great technological row is back in office

CEOs want workers back to their desks. For employees and other virus programs. Across the United States, the leaders of tech giants like Apple, Google...
https://safirsoft.com Brave.com, with the help of Google, squeezes malware

Brave.com, with the help of Google, squeezes malware

With a valid TLS certificate, faux BravÄ—.com can fool even the most secure of people. Malware that controls browsers and steals sensitive data.

...
https://safirsoft.com A privacy battle that Apple isn't fighting

A privacy battle that Apple isn't fighting

There are no browser-level privacy settings that California implements in Safari, iOS.

For at least a decade, privacy advocates have yearned ...

https://safirsoft.com Only 3G Kindles started their long and slow death this year

Only 3G Kindles started their long and slow death this year

3G 2021/2022 sunset affects even the eighth generation Kindle (2016).

On Wednesday, Amazon sent out an email notification to customers who pu...

https://safirsoft.com Huawei's latest flagship phone has HarmonyOS, Qualcomm SoC and lacks 5G

Huawei's latest flagship phone has HarmonyOS, Qualcomm SoC and lacks 5G

Faced with export bans and chip shortages, Huawei is ignoring what it can find.

Despite facing global chip shortage, US export ban and sharp ...

https://safirsoft.com Malicious PyPI packages steal developer data and inject code

Malicious PyPI packages steal developer data and inject code

The researchers warned that you should expect to see more malicious "Frankenstein" packages.

Open source packages estimated to have been down...