Pierluigi Paganini
July 13, 2015
We already explained that Google Play Store was abused several times to serve malicious applications, a practice that is very common and everyday new bogus apps are proposed on the official store despite Google promptly remove them.
This time researchers discovered a malicious Facebook-Credentials-Stealing Trojan disguised as an Android game, the problem is that the malicious app has been downloaded around 1 Million times, making one of the more successful malicious apps in Android.
The malicious “games” are named “Cowboy Adventure” and “Jump Chess” and when this article was written the apps had been already removed from Google Play Store, but, before that may have compromised many Facebook accounts, since this malicious app steals Facebook credentials.
“Cowboy Adventure” and “Jump Chess” were developed by Tinker Studio and their purpose are to gather social media credentials.
About “Cowboy Adventure”, once it is installed the game will ask for a Facebook login window( fake) and will ask users for their username and password, the thing where is that normally users don’t suspect this, because nowadays many applications/games require the Facebook’s credentials, using the principle of Single Sign on.
If the user inserted his Facebook’s credentials, the app will send the credentials to the attacker’s server.
If you are, dear reader, downloaded one of these apps, you need to change your Facebook password immediately and any other applications that you used with the same credentials.
As many defend, this wasn’t an innocent mistake made by Tinker Studio, it looks clear that this was made intentionally to steal Facebook credentials.
Please when downloading an Android APP keeps always in mind:
About the Author Elsio Pinto
Edited by Pierluigi Paganini
(Security Affairs – Android, malicious apps)
