Apps on Google Play Steal Facebook Credentials

By   ISBuzz Team
Writer , Information Security Buzz | Jul 13, 2015 06:00 pm PST

Thousands of Android users targeted by phishing apps harvesting their Facebook credentials.

ESET recently analysed two new samples of malware on Google Play masquerading as games called Cowboy Adventure and Jump Chess.  The apps contained a Trojan functionality allowing them to carry out Facebook phishing attacks. Google has since taken down both of the apps and now displays a warning before their installation on Android devices. Read the complete story with screenshots on our blog.

A few months ago, Google has also announced that the company has been improving security mechanisms on its Google Play Store to lower the risk of its users getting infected by malware.

Unlike Fake Minecraft which was recently analysed by ESET, both Cowboy Adventure and Jump Chess were actual full-fledged games in addition to containing a fraudulent element. After this app’s launch on an Android device, it would display a fake Facebook login window and send the victim’s Facebook credentials directly to the attackers’ server.

“Despite the fact that the number of potential victims may have been up to one million, thankfully many were able to avoid being tricked by this scam as the negative user comments helped prevent them from entering their Facebook user name and password,” said Robert Lipovsky, Senior Malware Researcher at ESET.

As a rule, you should not underestimate the importance of a malware scanner on Android devices. ESET Mobile Security detects both of the malware-laden games as Android/Spy.Feabme.A.[su_box title=”About ESET” style=”noise” box_color=”#336588″]esetSince 1987, ESET® has been developing award-winning security software that now helps over 100 million users to Enjoy Safer Technology. Its broad security product portfolio covers all popular platforms and provides businesses and consumers around the world with the perfect balance of performance and proactive protection. The company has a global sales network covering 180 countries, and regional offices in Bratislava, San Diego, Singapore and Buenos Aires.[/su_box]