The app tricks users by loading a Facebook login page.
REPUBLIKA.CO.ID, JAKARTA – Google is still trying to remove Android apps that commit major privacy violations. Ars Technica notes that Google has removed nine applications from the Play Store that Dr. Web, these applications are Trojans that steal Facebook login data.
This app is actually malware-malware It has downloaded more than 5.8 million downloads combined. The app has easy-to-find titles like Horoscope Daily and Rubbish Cleaner.
Reported since EngadgetOn Monday (7/5), the app misled the user by loading the Facebook login page. But in reality, this application “hijacks” the Facebook credentials and passes them to the application.
They will also steal cookies from the authorization session. Facebook is the target in all cases.
There are five variants malware in the mix, but they all use the same JavaScript code and configuration file formats to decrypt information.
The question, of course, is how the apps got as many downloads as before they were removed by Google. many victims do not realize that their Facebook data fell into the wrong hands. Users should be careful when downloading utilities from unknown developers.
(function(d, s, id) { var js, fjs = d.getElementsByTagName(s)[0]; if (d.getElementById(id)) return; js = d.createElement(s); js.id = id; js.src = "https://connect.facebook.net/en_US/all.js#xfbml=1&appId=417808724973321&version=v2.8"; fjs.parentNode.insertBefore(js, fjs); }(document, 'script', 'facebook-jssdk'));