Advanced Ethical Hacking Institute in Pune

It’s not at all surprising that the Google Play Store is surrounded by a number of malicious applications that may gain users’ attention to fall victim for one, but this time it might be even worse than you thought.

Threat researchers from security firm ESET have discovered a malicious Facebook-Credentials-Stealing Trojan masquerading as an Android game that has been downloaded by more than a Million Android users.

 

Malicious Android Apps downloaded 50,000-1,000,000 times

The Android game, dubbed “Cowboy Adventure,” and another malicious game, dubbed “Jump Chess” – downloaded up to 50,000 times, have since been removed from Google Play Store.

However, before taking them off from the app store, the creepy game apps may have compromised an unknown number of victims’ Facebook credentials.

Both the games were created by the same software developer, Tinker Studio and both were used to gather social media credentials from unsuspecting users.

How Cowboy Adventure victimizes Android users?

Once installed, Cowboy Adventure produced a fake Facebook login window that prompted users to enter their Facebook usernames along with their passwords. A practice known as OAuth in which a 3rd party asks your Facebook login.

However, if users provide their credentials to Cowboy Adventure app, the malicious code within the game app allegedly sent their credentials to the attacker’s server.

Therefore, If you have downloaded Cowboy Adventure or Jump Chess, you should immediately change not alone your Facebook password, but any service that uses the same combination of username and password as your Facebook account.

ESET senior security researcher Robert Lipovsky believes that the app malicious behavior is not just a careless mistake of the game developer, but the developer is actually a criminal minded.

Take Away

A few basic tips that you should always keep in your mind are:

Always download apps from official sources, such as Google Play Store or Apple’s App Store.

Read reviews from other users before downloading an app (Many users complained about “Cowboy Adventure” that the game locked them out of Facebook accounts).

Always use two-factor authentication on services that makes it harder for hackers to access your accounts with just your password.

Always keep a malware scanning software from trusted vendors like Avast, AVG, ESET, Kaspersky and Bitdefender, on your smartphone.

www.extremehacking.org
CEHv8 CHFIv8 ECSAv8 CAST ENSA CCNA CCNA SECURITY MCITP RHCE CHECKPOINT ASA FIREWALL VMWARE CLOUD ANDROID IPHONE NETWORKING HARDWARE TRAINING INSTITUTE IN PUNE,Certified Ethical Hacking, Center For Advanced Security Training in India, IT Security Training Information Security Traning Courses in Pune, ceh certification in pune, Ethical Hacking Course in Pune