The apps attracted users to suspend the in-app ads by adding FB account.
Google has removed nine popular Android apps from Play Storeafter they were caught stealing Facebook login details.
The apps werestealing users databy using identical Javascript code.
All nine apps offered legal services and weredownloaded more than 5.8 milliontimes.
Security researchers at Dr.
The form looks genuine, so the users fall for it.
Once they enter the credentials, the page is loaded into Android WebView, which was legitimate.
The researchers discovered that the hackers loaded malicious JavaScript in the same WebView, to steal the data.
Web says,
This script was directly used to highjack the entered login credentials.
After the victim logged into their account, the trojans also stole cookies from the current authorization session.
Those cookies were also sent to cybercriminals.
Five malware variants were identified in the apps.
From which three of them were Android apps, and the other two used Googles Flutter framework.
All of them are classified as same trojan because they have used similar configuration file formats and JavaScript code.
If you have installed any app from the list, uninstall them right now.
