THEY STEAL YOUR FACEBOOK

Posted by Evina on

Evina blocks fraudulent traffic but we don’t stop there. New ways of perpetrating fraud are regularly brought to the attention of our cybersecurity experts and we recently discovered new malware that steals Facebook logins. This malware could effectively ruin your online and offline life by making off with the credentials of one of your most valued pieces of digital real estate. The malware was embedded in a large number of popular apps:

Example of infected apps

And it is no surprise that there were numerous unfortunate victims.

Comments on infected applications

We had Google shut down those applications. Evina managed to successfully reverse-engineer the malware which enabled us to protect end-users against it. This is very critical for our customers:

1200px-Orange_logo.svg

Brigitte De Ducla, Orange France

"We have successful results with Evina; in addition to providing us with premium protection on our carrier billing, they also help us create a safer customer journey, therefore preserving the global experience of our clients".

Here’s how they steal your facebook
In foreground the malware browser, in background the real application

When an application is launched on your phone, the malware queries the application name. If it is a Facebook application, the malware will launch a browser that loads Facebook at the same time. The browser is displayed in the foreground which makes you think that the application launched it. When you enter your credentials into this browser, the malware executes java script to retrieve them. The malware then sends your account information to a server.

Check if the Facebook app is running in foreground
Run the activity that contains the webview
The webview load the login page
It executes javascript to get the credentials
And send the data to airshop.pw

Lionel Ferri, Evina CTO: “It’s a fraudulent technique that points out the danger and reflects how important it is to protect yourself. It can not be identified by Facebook as the malware displays in front of the legit app when it is launched”.

Why are you always targeted? Because everyone is targeted.

Internet-based fraud has become so pervasive that sometimes it seems as if everyone you meet has, at some time or another, been a victim of digital fraud. Often when one is targeted by online fraudsters, the first reaction is ‘why me?’.

Rest assured that we are all in the same boat and while it is normal for the victim to think they have been specifically targeted, we are actually all targets. Furthermore, we must highlight that victims should never be blamed for the criminal actions of others.

Fraudsters are everywhere and they are not confined to the DCB sector. They lurk in every nook and cranny of the web and it is the job of experts like Evina to flush them out. Our clients are very helpful in this regard. They regularly provide us with valuable information that helps us lift the lid on what you could call the digital fraud of the day.

 

In conclusion, remember once again that victims are not culprits: the app developer, the app store and all other legitimate players involved are simply innocent victims of fraudsters and their malware.

Don’t miss any news about cybersecurity: subscribe to Evina Fraud Observer!

You should also read

JORDAN FERLICOT: A MENDER OF GAPS BETWEEN CLIENTS & TECH EXPERTS FOR SEAMLESS BUSINESS GROWTH

Jordan Ferlicot joined Evina’s Customer Success team at the beginning of the month as our new Solution Engineer. With over six years of...

Read more
PRESS RELEASE: EVINA LANDS GLOBAL ANTI-FRAUD AWARD

The Paris-based global anti-fraud firm Evina has scooped the Best Fraud Solution accolade at the Global Carrier Billing Summit 2020. Evina...

Read more
WHAT IS THE FUTURE OF CYBERSECURITY? PHILIPPE VANNIER ANSWERS OUR QUESTIONS

Philippe Vannier has been founding Chairman of the Crescendo Industries fund since 2004. He has led numerous investments made by Crescendo in...

Read more