As per the new Android phishing malware your social networking passwords are under threat. Google recently removed 85 apps from the Play Store after it was discovered that they were infected with a malware that can steal social-network credentials from the devices of the users.
Most of these malicious apps were uploaded to the Play Store in October 2017 and were stealing credentials of VK.com users (a Russian based social networking site). Besides this, researchers also found several other apps that were published as unofficial clients for the popular messaging app Telegram, uploaded by the same group of malicious hackers.
A number of applications come with options where users can login via Facebook, Twitter or Google. While these are convenient for users, in case of malicious applications it is very risky to login via social accounts as they can steal your credentials.
Few tips to keep you safe:
- Google recently launched “Google play protect”. Make sure that the application is verified by “Google Play Protect” else avoid downloading the app.
- Always check what all permission the app requires the users to allow before installation.
- Don’t download apps from unknown sources, they can be infected with data-stealing malware hidden behind a genuine looking app. Stay away from pirated apps
- Do not enter your confidential detail like your bank account details etc on the downloaded application.
- For added security, set your app store settings to “Do not allow third-party app downloads from untrusted sites.”