Google Removes Android Apps That Steal Facebook Passwords: How to Retrieve Compromised Account, Avoid Suspecting Apps

By Staff Reporter , Updated Jul 05, 2021 03:54 AM EDT
(Photo: Photo by Pixabay)

Google purged several Android smartphone applications in their Google Play Store that has potential malware compromising one's privacy and sensitive information.

According to Yahoo, the malware that was inside of these apps, ranging from photo editors to phone optimization, had over 5.8 million combined downloads. The suspected malware attacks the victim's Facebook credentials, including its log-in information such as passwords.

The Apps in Question

According to the analysis made by Dr. Web, nine out the 10 Trojan malware-ridden apps are available on Google Play Store.

These apps in question are as follows - Processing Photo and PIP Photo, both are image editing apps; App Lock Keep, App Lock Manager, and Lockit Master, all are app lock software; Horoscope Daily and Horoscope Pi, both astrology and horoscope reading apps; Rubbish Cleaner, a phone optimization app; and Inwell Fitness, a smartphone fitness app.

READ ALSO: Cyber Attackers Unleashed Cryptomining Malware 'Crackonosh' Masked as Free Games: How to Avoid Virus-infested Free Games

According to Ars Technica, the said analysis identified five malware variants that are packaged within the programming of these apps. There of them were native Android apps, while the remaining two uses Google's Flutter framework, a programming tool that allows cross-platform compatibility.

These malware masking as "useful" apps can steal both the username and password of a victim's Facebook account by tricking it to sign its credentials in a "real" Facebook sign-in page.

This action from the potential victim will load a JavaScript from a command and control server to "hijack" said log-in credentials and pass them along to the app, and then the command server. The malware would also steal cookies from the authorization session from any website aside from Facebook.

Ars Technica said that all of the mentioned apps were removed from the Google Play Store, while according to a spokesman from Google, the developers of these apps were banned from submitting new apps for the digital store.

What to do

If you happen to be a victim of said malware and your log-in credentials were stolen, Hacked advised that you need to act immediately first by going through all of your Facebook security emails and follow the instructions that attached there.

Then click the "Change Password," "Secure your Account," and any other links that might help you regain access to your compromised Facebook account.

You can also report your account by clicking the "My Account is Compromised" button or recover the compromised password via clicking the "Forgotten Password?" option in the Facebook's log-in page.

But the one way to prevent this one from happening, according to Dr. Web, is to install applications for your Android smartphones that came from known and trusted developers, as well as to pay attention to the user reviews regarding the apps.

You should also pay attention to when and which apps will ask you for a login confirmation. If you are not sure what you are doing is safe, it would be better for you to not proceed any further and install the suspicious app.

READ ALSO: 1.2TB of Private Data Stolen From Facebook, Netflix, Amazon and More up For Sale for $100

© 2020 Game & Guide All rights reserved. Do not reproduce without permission.

Join the Conversation

Real Time Analytics