Google is still competing to pull off major privacy-infringing Android apps. Ars Technica noted that Google has removed nine apps from the Play Store after analysts at Dr. Web found it was a trojan stealing details.
These aren’t obscure names — the slotxo malware has accumulated more than 5.8 million downloads, and is positioned as easy-to-find names like “Horoscope Daily” and “Rubbish Cleaner.
The app fools users by loading an actual Facebook login page, only to load JavaScript from the command and control server to “hijack” the credentials and pass it to the app. They will also steal cookies from
Facebook authorization sessions as targets on a case-by-case basis. But creators can easily navigate users to other Internet services.There are five forms of malware in the mix. But they all use the same JavaScript code and configuration file format to round data.