A number of Android games on Google Play Store have been found to be stealing personal information of Facebook users. Two security firms have highlighted this issue and stated that some of these apps are quite popular, with one app having more than one million downloads.
According to a recent post by Trustlook, a popular game by the name of Cowboy Adventure by Tinker Studio is also serving as a malware.
When launched, a fake Facebook login page appears to some users who are asked to enter their Facebook information, which is then sent to attackers. This is against the law as no third party is allowed to ask for your Facebook login details.
Researchers at ESET also identified another one of these android games by Tinker Studio, named Jump Chess, which is also serving the same purpose. ESET, in a recent post, declared, “Our analysis of these malicious games has shown that the applications were written in C# using the Mono Framework. The phishing code is located inside TinkerAccountLibrary.dll. The app communicates with its C&C server through HTTPS and the address to which to send the harvested credentials (also known as the ‘drop zone’) is loaded from the server dynamically.”
According to Trustlook, the phishing mechanism was only applicable to IP addresses outside the US and Canada. However, ESET mentioned that the games have now been taken off Play Store, and installation of these games will now come with a warning.