Android apps with 5.8 million installs were stealing Facebook credentials

According to a report by the Russian publisher of security solutions Doctor Web, a dozen Android applications had the hidden objective of stealing Facebook identifiers (username and password). Of these, nine were available on Google Play.

The total number of installations exceeded 5.8 million. ” The apps were fully functional, which was supposed to weaken the vigilance of potential victims. […] To access all app functions, and to allegedly turn off in-app advertising, users were asked to log into their Facebook accounts.

Doctor Web researchers explain that a legitimate Facebook login page was loaded in WebView which allows an application to directly display web content with the renderer. With recent versions of Android, Chrome acts as the WebView system.

In the same WebView, JavaScript code was received from a command and control server. This script was used for the hijacking of the identifiers entered and with the theft of cookies for an authorized session.

Among the most downloaded Trojan horse apps is a PIP Photo image editing app with over 5 million downloads alone. The other apps were called Processing Photo, Rubbish Cleaner, Horoscope Daily, Inwell Fitness, App Lock Keep, Lockit Master, Horoscope Pi, and App Lock Manager.

Google cleaned up the Play Store and app developers were banned. The fact remains that before alert, the number of accumulated downloads is not negligible.

Source: GNT – actualités by

*The article has been translated based on the content of GNT – actualités by If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!

*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.

*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!