Google has rexcited 25 malicious apps from the Google Play Store after the French cybersecurity firm Evina they discovered that they contained malware to hack Facebook. That means it’s time once again to check your Android device to make sure you didn’t foolishly (or accidentally) install a crap application
The list of applications includes flashlight tools, pedometers, image editors. and more, but they are all basically the same app. Sure, everyone performs their different features as advertised, and they look different on the surface, but they all contain the same malicious code created to steal your Facebook login information.
Tthe badNews applications would check if the Facebook app was open at the bottom, then enter a browser tab with a fake Facebook login page in the open background app ‘s window, inviting you to fill in your information. The false page would be Copy your username and password and send they to a remote server that has since been shut down.
Here’s the list of apps removed from the Evina report:
G / O Media may receive a commission
Apps removed from Google Play should be automatically remote from any device they were installed on, but it’s worth double checking, especially if you have Side-load anything on your device. If you are affected, you should reset your Facebook password and update your security settings:enable two-factor authentication always a good bet-immediately.
Normally I’d make sure to remind people to check app permissions to make sure nothing incomplete happens under the hood, but these apps tricked users with fake Facebook login pages. instead of doing something unpleasant behind the scenes. Said that CHack app permissions before installing it is crucial to data security but you you can’t let your guard down just because the permits seem fine.
Many malware applications and phishing campaigns try Steal your social media account information with fake login pages. The safest strategy is only log in through a official social media platform application.
However, if for some reason you do you need to login through a Web navigator, confirm that the page is legitimate first. Check everything – the URL, images, layout, text, and even page color when you see all the tabs. meIf they don’t match, then it’s a false.
That is why it is important to have additional levels of security on all of your accounts: even if your password is stolen, it will be difficult for someone to log into the account if you do not have access to your 2FA codes.
[[[[ZDNet]
.