DNBC NEWS
FACE OFF Delete these 25 Android apps and change your Facebook password NOW – you may have been hacked
Harry Pettit, Senior Digital Technology and Science Reporter
30 Jun 2020, 17:07 | Updated: 30 Jun 2020, 17:09
DOZENS of Android apps have been caught nicking people's Facebook passwords without their permission, cyber security experts report.
The malicious apps were downloaded more than 2.3 million times and posed as step counters, wallpaper apps, mobile games and more.
They were removed by Google from the Play Store after the search giant was alerted to the issue by researchers at French tech firm Evina.
In a report seen by ZDNet this week, Evina security gurus detailed how they rooted out 25 nasty apps posing as legitimate downloads on the Play Store.
While they looked like normal apps, they were secretly stealing people's Facebook usernames and passwords.
Researchers said that once downloaded, the apps would overlay the Facebook app with a fake login page.
Users would then unwittingly plug in their username and password believing they were logging into Facebook.
However, the apps stole those credentials and then sent them to a remote server.
It's not clear what the cyber crooks planned to do with the credentials.
Usernames and passwords can easily be sold to hackers looking to break into people's other online accounts.
That's because many people use the same username and password for Facebook as they do for other accounts, such as their email or Instagram.
Evina researchers said they reported the 25 malicious apps to Google at the end of May.
Google swiftly removed them from the Play Store after independently verifying the software was up to no good.
The apps posed as image editors, video editors, step counters, flashlight applications, file managers, wallpaper apps and mobile games.
How to change your Facebook password
If you believe you were affected by one of the apps, it's best you change your Facebook password right away.
To reset your password if you're not logged in to Facebook: