According to Evina, a French anti fraud solutions company, there were apps in the Play Store that were stealing Facebook login information. The malware was hidden in wallpaper applications, video making apps and flashlight apps.
The full list of apps:
If a user launched any one of the above apps, it would simultaneously open a browser in the foreground to Facebook. This would have led some users to believe that the fraudulent browser was legitimate. Users that entered their information into the browser would then have that information stolen.
“It’s a fraudulent technique that points out the danger and reflects how important it is to protect yourself. It can not be identified by Facebook as the malware displays in front of the legit app when it is launched”
Lionel Ferri, CTO Evina
Evina were able to reverse engineer the malware and informed Google about the presence of these applications in their app stores.
Remember once again that victims are not culprits: the app developer, the app store and all other legitimate players involved are simply innocent victims of fraudsters and their malware.
Lionel Ferri, CTO Evina
What’s your take? Cancel reply