These apps showed themselves as a video editor, photo editor, wallpaper apps, file managing apps, mobile gaming apps, and flashlight apps., says Evina, a France based cybersecurity organization. When the firm came to know about the incident, it reported to Google, and precautionary measures were taken immediately to protect the end-users. The malware was also reverse-engineered so that no damage could take place. The 25 apps had malware embedded in them, which stole FB login credentials whenever the user launched the FB application.
Although the apps worked legally, they, however, had hidden malicious codes. The code could tell about the recently launched app in the user's device. If it were FB, these apps would create a fake login page that looked the same as the original to steal the user's login credentials. If the user entered his login credentials, the app would capture the data and transfer it to a remote server domain. When Google came to know about the issue after Evina's claims in May, it verified it before taking down these apps. Playstore removed these 25 apps earlier this month, some of which had been in use for more than a year.
"When an application is launched on your phone, the malware queries the application name. If it ..
Support the originator by clicking the read the rest link below.
