Android app with 100,000 downloads contained password-stealing malware, say security researchers

Google has removed an app with over 1000,000 downloads from its Play Store after security researchers warned that the app was able to harvest the Facebook credentials of smartphone users.

Researchers at French mobile security firm Pradeo said the app embeds Android trojan malware known as “Facestealer” because it dupes victims into typing in their Facebook credentials to a web page that transmits the credentials to the attacker’s server, which happens to be a domain that was registered in Russia.

If a user adds their credentials, the makers of the Android app then have full access to victims’ Facebook accounts, including any linked payment information, such as credit card details, as well as users’ conversations and searches, according to Pradeo.

Read more…
Source: ZDNet