New Delhi: Search engine giant Google is learned to have struck down 25 apps for phishing on the Facebook login credentials of users.


COMMERCIAL BREAK
SCROLL TO CONTINUE READING

According to the French cyber-security firm, Evina the new malware steals Facebook logins and could effectively ruin your online and offline life.


“New ways of perpetrating fraud are regularly brought to the attention of our cybersecurity experts and we recently discovered new malware that steals Facebook logins. This malware could effectively ruin your online and offline life by making off with the credentials of one of your most valued pieces of digital real estate. The malware was embedded in a large number of popular apps,” Evina wrote in a blog post.


  1. Super Wallpapers Flashlight        
  2. Padenatef
  3. Wallpaper Level               
  4. Contour level wallpaper
  5. iPlayer & iWallpaper      
  6. Video Maker     
  7. Color Wallpapers             
  8. Pedometer        
  9. Powerful Flashlight         
  10. Super Bright Flashlight  
  11. Super Flashlight
  12. Solitaire Game 
  13. Accurate scanning of Meade      
  14. Classic card game            
  15. Junk file cleaning             
  16. Synthetic Z         
  17. File Manager     
  18. Composite Z      
  19. Screenshot Capture       
  20. Daily Horoscope Wallpapers
  21. Wuxia Reader
  22. Plus Weather
  23. Anime Live Wallpaper
  24. iHealth Step Counter
  25. com.tgyapp.fiction

 


“We had Google shut down those applications. Evina managed to successfully reverse-engineer the malware which enabled us to protect end-users against it,” the cyber research firm said.


The above malicious apps, Evina says, collectively had over 25 lakh downloads.


The security firm further said that when an application is launched on your phone, the malware queries the application name and if it is a Facebook application, the malware will launch a browser that loads Facebook at the same time.


“The browser is displayed in the foreground which makes you think that the application launched it. When you enter your credentials into this browser, the malware executes java script to retrieve them. The malware then sends your account information to a server,” it added.