Tuesday, January 31, 2023
  • Hype
  • Murai
  • Lipstiq
  • Diva
  • Varnam
  • Moviedash
  • Autofreaks
Lowyat.NET
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Hardware
      • Compu-zone
      • Viewnet
      • Thundermatch
      • Sri Computers
  • More
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables
No Result
View All Result
Lowyat.NET
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Hardware
      • Compu-zone
      • Viewnet
      • Thundermatch
      • Sri Computers
  • More
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables
No Result
View All Result
Lowyat.NET
No Result
View All Result
Home Mobile Apps

Google Removes Play Store Apps That Stole Users’ Facebook Passwords

Nine apps were removed for major privacy violations.

by Ikmal Rozlan
July 5, 2021
155
SHARES
Share on FacebookShare on Twitter

Google is racing to identify apps that break Android’s user privacy policies. Ars Technica discovered that Google removed nine trojans posing as apps that stole Facebook login credentials from the Play Store. The malware had over 5.8 million combined downloads and used generic popular titles such as “Horoscope Daily” and “Rubbish Cleaner” on Google Play.

The apps tricked users by loading the Facebook sign-in page and redirecting it to a command and control server, which loaded JavaScript that then “hijacked” usernames and passwords and passed them to the app, thus the command server. To complete their goal, they would also swipe some cookies from the authorisation session.

While Facebook was the only target, in each case, the perpetrators could have easily redirected users toward alternative internet services. It was discovered that while there were five malware variants, they all used the same JavaScript code and configuration file formats to steal the information.

In response to an inquiry from Ars, Google stated that it had banned the offending developers from the store, though this may not pose much of a barrier for the perpetrators, as they can easily set up new developer accounts. To that end, it is possible that Google will have to screen for the malware itself in order to keep the scammers out.

ADVERTISEMENT

Of course, the bigger question is how the apps ended up with so many downloads before they were removed. Thanks to the artificial intelligence and machine learning that Google has employed, the majority of malware online do not slip into the Play Store, but the finer points of the technique may have allowed certain rogue apps to bypass these parameters and allow their victims to remain unaware that their Facebook data had been compromised.

Google Play Store

The damage this time isn’t so bad compared to when Google discovered that Camscanner, a popular app that had been downloaded over 100 million times, was riddled with malware. On another note, Google Play’s AI detected one million apps that violated the platform’s policies last year. Regardless of the underlying cause, it bears repeating that it’s important to be cautious about downloading apps from unknown developers, no matter how popular they appear to be.

(Sources: Engadget, Slash Gear // Image: portal gda / Flickr)

What’s your Reaction?
+1
0
+1
0
+1
0
+1
0
+1
0
+1
0
+1
0

Follow us on Instagram, Facebook, Twitter or Telegram for more updates and breaking news. 

Tags: GooglePlay Store
Updated 5:22 pm, Mon, 5 July 21
Back to top
Share62Tweet39SendShare

RELATED ARTICLES

Google Chrome Incognito Lock feature Android iOS
Apps

Google Chrome’s Lock Incognito Feature Rolling Out To More Android Devices

by Heirul Kamel
January 27, 2023
apple airtag battery
Mobile

Google May Be Working On AirTag Equivalent Codenamed Grogu

by Ian Chee
January 18, 2023
Google Wallet contactless payment too laxed NFC exploit flaw security
Opinion

Google Wallet’s Contactless Payment Feature Is Worryingly Laxed

by Heirul Kamel
November 17, 2022
Election Commission voting GE15 resources
Editorial

Useful Resources To Help You Prep Up For This Weekend’s GE15

by Heirul Kamel
November 16, 2022

ADVERTISEMENT

LOWYAT.TV

No Result
View All Result

TRENDING TODAY

  1. 1
    Entertainment

    Malaysia’s First IMAX With Laser Hall Is Now Open At GSC IOI City Mall East

  2. 2
    Fintech

    Touch ‘n Go To Be Scrutinise By KPDN’s Task Force Soon

  3. 3
    ISP

    TM Is About To Open The First Unifi Store

  4. 4
    Apps

    Google Removes Play Store Apps That Stole Users’ Facebook Passwords

  5. 5
    Computing

    The New Mac mini M2 And M2 Pro Are Made In Malaysia

Consumer Tech News & Reviews Malaysia

NETWORK

  • Hype
  • Murai
  • Lipstiq
  • Diva
  • Varnam
  • Moviedash
  • Autofreaks

ABOUT

  • Advertise
  • Careers
  • Privacy Statement
  • Contact Us
  • Editorial Policy
  • Terms & Conditions

©2023 VIJANDREN RAMADASS. ALL RIGHTS RESERVED.

No Result
View All Result
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Hardware
      • Compu-zone
      • Viewnet
      • Thundermatch
      • Sri Computers
  • More
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables

©2023 LOWYAT, LLC. ALL RIGHTS RESERVED.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
We use cookies to improve your experience. Learn More.