software platform google apps Recently Deleted Nine requests Android With about 6 million downloads, the Trojans with which they stole the access credentials and passwords of the social network hid Facebook social networking site.
As reported by a cybersecurity company Dr. the web In the applications manifest Hide malicious file In functional software of different types, such as password managers, image editors or horoscope applications.
The addresses of the nine requests were as follows: Image Processing, App Lock Keep, Garbage Cleaner, Horoscope Daily, Horoscope Pi, App Lock Manager, Lockit Master, Inwell Fitness y PIP Photo. The total downloads of all of them reached 5.8 million.
The total downloads of all of them reached 5.8 million. Photo: shutterstock
Dr. Webb warned that although it has already been removed from Google Play, it is still تزال Available on third-party platforms and compilers of applications.
Affected applications contained a variant of Trojans Android.PWS.Facebook.15, which uses file formats and Java scripts to steal user information, in this case, their access data to the social network Facebook.
To access Facebook’s access data, the apps required users to identify themselves with their social networking accounts to access premium features or to stop receiving ads.
Although the attacks were focused on obtaining user access data, cybersecurity researchers warned that their method could also be applied to any other type of form on websites. phishing, and that trojans could have been used Steal credentials from any other service.
Google Play includes more security features for developers
In this context, the Google Play software platform was introduced New security measures For app developers, who ask for more information to identify them, such as their names or addresses, as well as ask for two-step verification.
These functions are intended to “maintain Google Play Safe and secure and better serve the developer community,” the tech giant revealed through a statement on its developer blog.
So far, only the developers have been asked by Google Play to identify them with Email address and phone number, but the platform has now expanded the data these users must provide to verify that they are real people, which will remain private.
With the Google Play update, developers will be asked for their account type – personal or business – and their contact name and physical address, and to verify their postal address or email.
Developers can already fill in this information for a week, and it will be necessary to specify it to whomever they want Update your profile information. Since August, all new accounts must select the account type and verify the data.
Likewise, the official app platform also included Two-step verification As another additional security feature for developers, as well as to protect your software and end users.
With information from DPA.