malware can steal your social networking password without giving slightest hints

Google recently removed 85 apps from the Play Store after it was discovered that they were infected with a malware that can steal social-network credentials from the devices of the users.

Must Read

Sumit Deb begins new journey as CMD of NMDC

Senior PSU leader Sumit Deb has assumed charge as Chairman-cum-Managing Director of . He succeeds N. Baijendra Kumar.

Spearheading transformation towards sustainable future in times of Covid-19

Bringing the governments, businesses, academia, and communities together to spearhead the transformational and systematic effort towards a sustainable future is needed

Tata Communications gets local telecom license in Saudi Arabia

Under Type B telecom license, Tata Communications will be able to provide Internet Service Provider and related telecom services to enterprises in a defined capacity, along with local currency billing for end-customers

Android : Google recently removed 85 apps from the Play Store after it was discovered that they were infected with a malware that can steal social-network credentials from the devices of the users. The most downloaded app out of these 85, was masqueraded as a gaming app having over a million downloads. The app was uploaded on the Play Store in March 2017 without any malicious code. However, after seven months, it got updated with a malicious javascript code that was able to steal login credentials of social media websites, said reports.

Most of these malicious apps were uploaded to the Play Store in October 2017 and were stealing credentials of VK.com users (a Russian based social networking site). Besides this, researchers also found several other apps that were published as unofficial clients for the popular messaging app Telegram, uploaded by the same group of malicious hackers.

How did the phishing attack work?

The infected apps used an Official SDK for VK.com but injected malicious javascript code in it. This malicious code was capable of stealing users credential from the standard login page of VK.com in such a way that the hackers got the passwords and parallelly the user got logged in too, said experts.

These applications looked legitimate and came with an option to authenticate on VK.com. When a user chose VK.com as an option to authenticate, he/she was then asked to enter his/her login credentials. When done, the injected malicious javascript code authenticated the user as well as stole their login credentials making the entire process as normal as it generally is, removing the scope of any suspicion in the mind of the users

“A number of applications come with options where users can login via Facebook, Twitter or Google. While these are convenient for users, in case of malicious applications it is very risky to login via social accounts as they can steal your credentials. It is advised not to use “Login via social media” option until you are not sure of the legitimacy of the application and specifically “Never enter your password in apps”, said Ankush Johar, Director at Infosec Ventures.

Tips to mitigate Android phishing attack

Google recently launched “Google play protect”. Make sure that the application is verified by “Google Play Protect” else avoid downloading the app. Always check what all permission the app requires the users to allow before installation. Stay cautious with permissions that don’t seem legitimate, for instance, if a calculator app wants to access your call logs or messages it is clear that the app wants unnecessary permission and can be malicious. Trust your gut!, said Johar.

Don’t download apps from unknown sources, they can be infected with data-stealing malware hidden behind a genuine looking app. Stay away from pirated apps. Do not enter your confidential detail like your bank account details etc on the downloaded application. For added security, set your app store settings to “Do not allow third-party app downloads from untrusted sites.”

Subscribe to receive the day's headlines from Tech Observer straight in your inbox

Leave a Reply

*The moderation of comments is automated and not cleared manually by techobserver.in. Embedding of any link and use of abusive or unparliamentary language are prohibited.
- Advertisement -

Latest in TECH

Tata Communications gets local telecom license in Saudi Arabia

Under Type B telecom license, Tata Communications will be able to provide Internet Service Provider and related telecom services to enterprises in a defined capacity, along with local currency billing for end-customers
- Advertisement -SAP Hana

Related Articles