The report of Dr. Web (Dr. Internet), an antivirus service, says that his malware analysts discovered nine suspicious apps. Among which were Processing Photograph, App Lock ConservE, Garbage Cleaner, Horoscope Day by Day, Horoscope Pi, App Lock Supervisor, Lockit Grasp, Inwell Condition, and Pip PHOP PHOTOGRGRH A.S. These apps allegedly acted as Trojan Malware and stole the users’ Facebook log-in credentials after providing the option to disable advertisements by logging in through their social media accounts through their social media accounts. ARS Technica saw the report of Dr. Web.
These apps tricked the users by showing exactly copying of FB’s log-in page. Instead, the apps loaded a JavaScript command that stole his log-in credentials. Apps clearly stole the browser cookies from the authorization session. All the malware variants were and all of them allegedly used a uniform JavaScript code to steal the data of users. The report also stated that three of the malware variants were native Android apps, and two were created using Flutter SDK of Google.
There are malware variants identified by Dr. Web-
Android.pws.fb.13, android.pws.fb.14, android.pws.fb.15, android.pws.fb.17, android.pws.fb.18.
A Google spokesperson told ARS Technica that he has also banned all nine app app developers from Google Play Games Collect, which will prevent these developer accounts from publishing any new app in the market. This is a positive step of Google, but a new developer account under a different name can be made with a slight fee of $ 25 (about Rs 1,900).
Users are advised not to download any app from an unknown developer, no matter how many downloads of the app. In this case, PIP Photographs received a maximum of 5.8 million downloads, followed by Processing Photograph on 500,000 downloads. Any user who has also downloaded these apps should check his device and Facebook account thoroughly for suspicious activities.
