• 中文版
  • BM
  • News
  • Deals
  • Reviews
    • First Impressions
    • Hands-on
    • Comparisons
  • Tech
    • Mobile
    • Computers
    • Cameras
    • Wearables
    • Audio
    • Drones
  • Telco
    • Celcom
    • Digi
    • Maxis
    • Time
    • Tune Talk
    • U Mobile
    • Unifi
    • Yes
  • Cars
  • Contribute
  • Jobs
Menu
  • 中文版
  • BM
  • News
  • Deals
  • Reviews
    • First Impressions
    • Hands-on
    • Comparisons
  • Tech
    • Mobile
    • Computers
    • Cameras
    • Wearables
    • Audio
    • Drones
  • Telco
    • Celcom
    • Digi
    • Maxis
    • Time
    • Tune Talk
    • U Mobile
    • Unifi
    • Yes
  • Cars
  • Contribute
  • Jobs
Search
  • Tech
    • News
    • Mobile
    • Computers
    • Cameras
    • Wearables
    • Audio
    • Drones
  • Telco
    • Celcom
    • Digi
    • Maxis
    • Time
    • U Mobile
    • Unifi
    • Yes
  • Reviews
    • First Impressions
    • Hands-on
    • Comparisons
  • Buyer’s Guide
  • Opinions
  • Digital Life
  • Video
  • Deals
  • How-To
  • Cars
  • Bahasa Melayu
  • EV
  • Contribute
  • Advertise
Menu
  • Tech
    • News
    • Mobile
    • Computers
    • Cameras
    • Wearables
    • Audio
    • Drones
  • Telco
    • Celcom
    • Digi
    • Maxis
    • Time
    • U Mobile
    • Unifi
    • Yes
  • Reviews
    • First Impressions
    • Hands-on
    • Comparisons
  • Buyer’s Guide
  • Opinions
  • Digital Life
  • Video
  • Deals
  • How-To
  • Cars
  • Bahasa Melayu
  • EV
  • Contribute
  • Advertise
Search
Close
Home Digital Life

These Android apps might have stolen your Facebook password

  • BY Redza Dzafri
  • 5 July 2021
  • 6:19 pm
  • Comment
Share on FacebookShare on Twitter

Google has removed 9 apps due to them containing malicious code that steals users’ Facebook usernames and passwords. In total, the apps have clocked more than 5.8 million downloads.

Here’a a list of all the apps, with their respective download counts:

  • PIP Photo (5,000,000+ downloads)
  • Processing Photo (500,000+ downloads)
  • Rubbish Cleaner (100,000+ downloads)
  • Inwell Fitness (100,000+ downloads)
  • Horoscope Daily (100,000+ downloads)
  • App Lock Keep (50,000+ downloads)
  • Lockit Master (5,000+ downloads)
  • Horoscope Pi (1,000+ downloads)
  • App Lock Manager (10 downloads)

Google has since removed these apps from the Play Store and banned the developers from ever submitting another application (although the hackers can simply pay a small fee for another developer account and submit more malware).

Here’s how it worked: These apps look innocent on the surface. They function just like regular photo editing, horoscope, or device cleaning apps, but some functions are locked. To unlock all of the functions, the user must log into their Facebook account. The app then takes your username and password, and sends it to cybercriminals.

As explained by security firm Dr. Web, the scheme uses a special mechanism that uses a ‘command-and-control’ server. The credentials entered by the user get automatically sent to this C&C server, where they use JavaScript to get the data from the actual Facebook login page. They also collect cookies from the same session.

There have been 5 malware variants identified within the apps:

  • Android.PWS.Facebook.13
  • Android.PWS.Facebook.14
  • Android.PWS.Facebook.15
  • Android.PWS.Facebook.17
  • Android.PWS.Facebook.18

Dr. Web says that are all the same trojan.

If you think you have downloaded one of these apps, consider changing your Facebook password. If you tend to use the same password for multiple websites and services, I highly recommend getting a password manager and changing all your passwords to be distinct and randomly generated. This way, if a hacker gets to one of your accounts, they won’t be able to use that information for anything else. Lastly, enabling two-factor authorization whenever possible can greatly boost the security of your online accounts.

[ SOURCE ]

Tags: AndroidFacebookGoogle Play Store
Redza Dzafri

Redza Dzafri

POPULAR

These Android apps might have stolen your Facebook password

July 5, 2021
Photo by Vitaly Gariev

Countdown to Kickoff: Unifi TV Brings All 104 FIFA World Cup 2026 Matches Live in HD

June 11, 2026

WhatsApp is finally getting usernames: Here’s why you should reserve yours now

June 30, 2026

We’ve been accepting broken laptop designs for 20 years. Here’s what finally changed

June 9, 2026

DNB activates additional 100MHz 5G spectrum as U Mobile exits its network

July 1, 2026

MacBooks, Mac mini, iMac and iPads just got a lot more expensive in Malaysia

June 26, 2026

Copyright © 2025 · SoyaCincau.com
Mind Blow Sdn Bhd (1076827-P)

  • ADVERTISE
  • DISCLAIMER

Copyright © 2026 · SoyaCincau.com – Mind Blow Sdn Bhd (1076827-P)

  • ADVERTISE
  • DISCLAIMER