{"id":2418,"date":"2021-07-07T18:55:50","date_gmt":"2021-07-07T13:25:50","guid":{"rendered":"https:\/\/xiarch.com\/blog\/?p=2418"},"modified":"2021-07-07T18:56:37","modified_gmt":"2021-07-07T13:26:37","slug":"nine-android-apps-with-5-8-million-installs-caught-stealing-users-facebook-credentials","status":"publish","type":"post","link":"https:\/\/xiarch.com\/blog\/nine-android-apps-with-5-8-million-installs-caught-stealing-users-facebook-credentials\/","title":{"rendered":"Nine Android Apps with 5.8 Million Installs Caught Stealing User\u2019s Facebook Credentials"},"content":{"rendered":"\n

It is very common knowledge that applications make themselves private to user\u2019s data, like location settings and browsing habits. But what if you get to know that some of the applications were even granting themselves to access you crucial information, like your login details? Here are nine android apps that were caught stealing Facebook passwords from their users. These applications, which were freely available on Google Play Store, have recently reported having nearly 6 million downloads between them.<\/p><\/p>\n\n\n\n

Google intervened to remove all these nine Android apps downloaded more than 5.8 million times from the company\u2019s Play Store after the applications were caught privately stealing user\u2019s Facebook login details.<\/p><\/p>\n\n\n\n

How these Applications Hijack Facebook Credentials?<\/h2>\n\n\n\n

Doctor Web said that \u201cThe applications were absolutely functional, which was presumed to weaken the caution of potential victims. With that, to access all the app\u2019s functions and supposedly, to disable in-app ads, user were asked to log into their Facebook accounts.\u201d The advertisements inside some of these applications were naturally present, and this procedure was aimed to further restore Android device owners to precede the needed actions.<\/p><\/p>\n\n\n\n

These malicious applications concealed their malicious aim by guising as photo-editing optimizers, astrology programs, and fitness, only to trap users into logging into their Facebook accounts and steal the entered details via a piece of JavaScript code received from an adversary-controlled server. Security firm Doctor Web has published a report that discovers these Trojan applications.<\/p><\/p>\n\n\n\n

All these malicious applications which are mentioned above offered real features, causing the unsuspecting users to trust them. They even permitted users to unlock more features and disable in-app advertisements by logging into their Facebook details.<\/p><\/p>\n\n\n\n

These applications exploited the extensive use of Google and Facebook login something that is offered by many applications and games \u2013 to hijack the credentials of unsuspecting users. \u201cAfter receiving the sensitive details from one of the C&C server into the same WebView. The script directly used to steal the entered login details.\u201d<\/p><\/p>\n\n\n\n

Further, this JavaScript, using the methodologies provided through the JavaScript Interface annotation, provides the hijacked login credentials to the Trojan application, which then forwarded the data to the attacker C&C server. After that the victim logged into the account, the malware also stole cookies from the current authorization session. Those cookies were also sent to the threat actors.<\/p><\/p>\n\n\n\n

The list of all those nine apps are Mentioned below:<\/h2>\n\n\n\n
\"Nine<\/figure><\/div>\n\n\n\n

\u2022 PIP Photo (More than 5,000,000 installs)
\u2022 Processing Photo (More than 5000,000 installs)
\u2022 Rubbish Cleaner (More than 100,000 installs)
\u2022 Horoscope Daily (More than 100,000 installs)
\u2022 Inwell Fitness (More than 100,000 installs)
\u2022 App Lock Keep (More than 50,000 installs)
\u2022 Lockit Master (More than 5,000 installs)
\u2022 Horoscope Pi (More than 1,000 installs)
\u2022 App Lock Manager (More than 100 installs)<\/p><\/p>\n\n\n\n

In the last link of the attack, the hijacked data was eliminating to the server using the malware application.<\/p><\/p>\n\n\n\n

Whereas the specialized operation comes up to have its sight on Facebook accounts, Dr. Web researchers alerted that this attack could have been easily expanded to load the login page of any appropriate web platform with the intention of hijacking logins and passwords from a variety of services.<\/p><\/p>\n\n\n\n

A search of Google Play shows that all application has been removed from Play. A Google spokesman said that the company has also banned the developers of all nine apps from the store, which means they will not be permitted to submit new applications. Anyone who has installed one of the above apps should properly examine their device and their Facebook accounts for any signs of the negotiation. Downloading a free Android antivirus app from a trusted security firm and scanning for additional malicious applications is not a bad idea, either.<\/p><\/p>\n\n\n\n

The most recent announcement comes days after Google revealed new measures for the Play Store, consisting up of requiring developer accounts to turn on two-step verification (2SV), give an address, and verify their contact details as part of its ongoing efforts to action scams and fake developer accounts.
In case of anything, the growth is yet another reminder that users are better off serves by installing applications from known and trusted developers, not to mention go through the permissions request by the applications and always pay attention to other user’s reviews prior to installation.<\/p><\/p>\n","protected":false},"excerpt":{"rendered":"

It is very common knowledge that applications make themselves private to user\u2019s data, like location settings and browsing habits. But what if you get to know that some of the applications were even granting themselves to access you crucial information, like your login details? Here are nine android apps that were caught stealing Facebook passwords […]<\/p>\n","protected":false},"author":2,"featured_media":2421,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[5],"tags":[],"yoast_head":"\nNine Android Apps with 5.8 Million Installs Caught Stealing User\u2019s Facebook Credentials - Xiarch Solutions Private Limited<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/xiarch.com\/blog\/nine-android-apps-with-5-8-million-installs-caught-stealing-users-facebook-credentials\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Nine Android Apps with 5.8 Million Installs Caught Stealing User\u2019s Facebook Credentials - Xiarch Solutions Private Limited\" \/>\n<meta property=\"og:description\" content=\"It is very common knowledge that applications make themselves private to user\u2019s data, like location settings and browsing habits. But what if you get to know that some of the applications were even granting themselves to access you crucial information, like your login details? Here are nine android apps that were caught stealing Facebook passwords […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/xiarch.com\/blog\/nine-android-apps-with-5-8-million-installs-caught-stealing-users-facebook-credentials\/\" \/>\n<meta property=\"og:site_name\" content=\"Xiarch Solutions Private Limited\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/xiarch\/\" \/>\n<meta property=\"article:published_time\" content=\"2021-07-07T13:25:50+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-07-07T13:26:37+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/07\/Nine-Android-Apps-with-5.8-Million-Installs-Caught-Stealing-Users-Facebook-Credentials-feature-image.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1000\" \/>\n\t<meta property=\"og:image:height\" content=\"525\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Xiarch Security\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@xiarch\" \/>\n<meta name=\"twitter:site\" content=\"@xiarch\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Xiarch Security\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/xiarch.com\/blog\/nine-android-apps-with-5-8-million-installs-caught-stealing-users-facebook-credentials\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/xiarch.com\/blog\/nine-android-apps-with-5-8-million-installs-caught-stealing-users-facebook-credentials\/\"},\"author\":{\"name\":\"Xiarch Security\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c\"},\"headline\":\"Nine Android Apps with 5.8 Million Installs Caught Stealing User\u2019s Facebook Credentials\",\"datePublished\":\"2021-07-07T13:25:50+00:00\",\"dateModified\":\"2021-07-07T13:26:37+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/xiarch.com\/blog\/nine-android-apps-with-5-8-million-installs-caught-stealing-users-facebook-credentials\/\"},\"wordCount\":711,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\"},\"articleSection\":[\"Breaches\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/xiarch.com\/blog\/nine-android-apps-with-5-8-million-installs-caught-stealing-users-facebook-credentials\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/xiarch.com\/blog\/nine-android-apps-with-5-8-million-installs-caught-stealing-users-facebook-credentials\/\",\"url\":\"https:\/\/xiarch.com\/blog\/nine-android-apps-with-5-8-million-installs-caught-stealing-users-facebook-credentials\/\",\"name\":\"Nine Android Apps with 5.8 Million Installs Caught Stealing User\u2019s Facebook Credentials - Xiarch Solutions Private Limited\",\"isPartOf\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#website\"},\"datePublished\":\"2021-07-07T13:25:50+00:00\",\"dateModified\":\"2021-07-07T13:26:37+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/xiarch.com\/blog\/nine-android-apps-with-5-8-million-installs-caught-stealing-users-facebook-credentials\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/xiarch.com\/blog\/nine-android-apps-with-5-8-million-installs-caught-stealing-users-facebook-credentials\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/xiarch.com\/blog\/nine-android-apps-with-5-8-million-installs-caught-stealing-users-facebook-credentials\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/xiarch.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Nine Android Apps with 5.8 Million Installs Caught Stealing User\u2019s Facebook Credentials\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/xiarch.com\/blog\/#website\",\"url\":\"https:\/\/xiarch.com\/blog\/\",\"name\":\"Xiarch Solutions Private Limited\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/xiarch.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\",\"name\":\"Xiarch\",\"url\":\"https:\/\/xiarch.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png\",\"contentUrl\":\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png\",\"width\":300,\"height\":300,\"caption\":\"Xiarch\"},\"image\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/xiarch\/\",\"https:\/\/twitter.com\/xiarch\",\"https:\/\/www.linkedin.com\/company\/xiarch\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c\",\"name\":\"Xiarch Security\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g\",\"caption\":\"Xiarch Security\"},\"sameAs\":[\"https:\/\/xiarch.com\/blog\/\"],\"url\":\"https:\/\/xiarch.com\/blog\/author\/vector\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Nine Android Apps with 5.8 Million Installs Caught Stealing User\u2019s Facebook Credentials - Xiarch Solutions Private Limited","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/xiarch.com\/blog\/nine-android-apps-with-5-8-million-installs-caught-stealing-users-facebook-credentials\/","og_locale":"en_US","og_type":"article","og_title":"Nine Android Apps with 5.8 Million Installs Caught Stealing User\u2019s Facebook Credentials - Xiarch Solutions Private Limited","og_description":"It is very common knowledge that applications make themselves private to user\u2019s data, like location settings and browsing habits. But what if you get to know that some of the applications were even granting themselves to access you crucial information, like your login details? Here are nine android apps that were caught stealing Facebook passwords […]","og_url":"https:\/\/xiarch.com\/blog\/nine-android-apps-with-5-8-million-installs-caught-stealing-users-facebook-credentials\/","og_site_name":"Xiarch Solutions Private Limited","article_publisher":"https:\/\/www.facebook.com\/xiarch\/","article_published_time":"2021-07-07T13:25:50+00:00","article_modified_time":"2021-07-07T13:26:37+00:00","og_image":[{"width":1000,"height":525,"url":"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/07\/Nine-Android-Apps-with-5.8-Million-Installs-Caught-Stealing-Users-Facebook-Credentials-feature-image.jpg","type":"image\/jpeg"}],"author":"Xiarch Security","twitter_card":"summary_large_image","twitter_creator":"@xiarch","twitter_site":"@xiarch","twitter_misc":{"Written by":"Xiarch Security","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/xiarch.com\/blog\/nine-android-apps-with-5-8-million-installs-caught-stealing-users-facebook-credentials\/#article","isPartOf":{"@id":"https:\/\/xiarch.com\/blog\/nine-android-apps-with-5-8-million-installs-caught-stealing-users-facebook-credentials\/"},"author":{"name":"Xiarch Security","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c"},"headline":"Nine Android Apps with 5.8 Million Installs Caught Stealing User\u2019s Facebook Credentials","datePublished":"2021-07-07T13:25:50+00:00","dateModified":"2021-07-07T13:26:37+00:00","mainEntityOfPage":{"@id":"https:\/\/xiarch.com\/blog\/nine-android-apps-with-5-8-million-installs-caught-stealing-users-facebook-credentials\/"},"wordCount":711,"commentCount":0,"publisher":{"@id":"https:\/\/xiarch.com\/blog\/#organization"},"articleSection":["Breaches"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/xiarch.com\/blog\/nine-android-apps-with-5-8-million-installs-caught-stealing-users-facebook-credentials\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/xiarch.com\/blog\/nine-android-apps-with-5-8-million-installs-caught-stealing-users-facebook-credentials\/","url":"https:\/\/xiarch.com\/blog\/nine-android-apps-with-5-8-million-installs-caught-stealing-users-facebook-credentials\/","name":"Nine Android Apps with 5.8 Million Installs Caught Stealing User\u2019s Facebook Credentials - Xiarch Solutions Private Limited","isPartOf":{"@id":"https:\/\/xiarch.com\/blog\/#website"},"datePublished":"2021-07-07T13:25:50+00:00","dateModified":"2021-07-07T13:26:37+00:00","breadcrumb":{"@id":"https:\/\/xiarch.com\/blog\/nine-android-apps-with-5-8-million-installs-caught-stealing-users-facebook-credentials\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/xiarch.com\/blog\/nine-android-apps-with-5-8-million-installs-caught-stealing-users-facebook-credentials\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/xiarch.com\/blog\/nine-android-apps-with-5-8-million-installs-caught-stealing-users-facebook-credentials\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/xiarch.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Nine Android Apps with 5.8 Million Installs Caught Stealing User\u2019s Facebook Credentials"}]},{"@type":"WebSite","@id":"https:\/\/xiarch.com\/blog\/#website","url":"https:\/\/xiarch.com\/blog\/","name":"Xiarch Solutions Private Limited","description":"","publisher":{"@id":"https:\/\/xiarch.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/xiarch.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/xiarch.com\/blog\/#organization","name":"Xiarch","url":"https:\/\/xiarch.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png","contentUrl":"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png","width":300,"height":300,"caption":"Xiarch"},"image":{"@id":"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/xiarch\/","https:\/\/twitter.com\/xiarch","https:\/\/www.linkedin.com\/company\/xiarch"]},{"@type":"Person","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c","name":"Xiarch Security","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g","caption":"Xiarch Security"},"sameAs":["https:\/\/xiarch.com\/blog\/"],"url":"https:\/\/xiarch.com\/blog\/author\/vector\/"}]}},"_links":{"self":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/2418"}],"collection":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/comments?post=2418"}],"version-history":[{"count":1,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/2418\/revisions"}],"predecessor-version":[{"id":2422,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/2418\/revisions\/2422"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/media\/2421"}],"wp:attachment":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/media?parent=2418"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/categories?post=2418"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/tags?post=2418"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}