Researchers at French cyber-security firm, Evina, in a new report has warned about 25 dangerous Android apps that can steal your Facebook credentials.
From Google to Samsung, Android smartphones are some of the most popular handheld devices around the world.
But if you use an Android smartphone, you may want to reconsider which apps you have installed on your device.
The apps reportedly offered different functionalities, though they used the same method for extracting users’ credentials.
Some of the apps had been available on the Google Play store for over two years before they were finally removed, the cyber-security firm highlighted.
How did the apps steal Facebook credentials?
ZDNet explained: “The apps posed as step counters, image editors, video editors, wallpaper apps, flashlight applications, file managers, and mobile games.”
And while they’ve now been deleted from the Google Play Store, before being taken down, the apps had been downloaded more than 2.34 million times.
On the surface, the apps appear to offer a legitimate function, but secretly contain malicious code.
According to Evina, once the user launched the contentious app on their smartphone, the malicious app detected what app a user recently opened and had in the phone’s foreground. “If it is a Facebook application, the malware will launch a browser that loads Facebook at the same time. The browser is displayed in the foreground which makes you think that the application launched it,” the cyber-security firm explains.
Once the user put their Facebook login details on the phishing page (which features a black bar instead of a blue bar of the original Facebook app), the malicious then sent the credentials to a remote server.
This could potentially allow attackers to access all data stored on the Facebook account or even allow them to access other websites where users’ have logged in via their Facebook account.
Evina, however, has not clarified how these malicious apps avoided detection by Google’s Play Protection service.
Thankfully, Evina has reported the dangerous apps to Google, which has now removed them from the Google Play Store.
The full list of these malicious Android apps is listed on Evina’s website.
ZDNet citing the cyber-security firm noted that all of the 25 malicious apps were developed by a single threat group.
However, if you have any of the apps installed on your smartphone, we would recommend deleting them immediately.