VKontakte a highly popular social-networking website in Russia has been compromised with passwords and logins stolen from its users.
Users of VKontakte social network are in danger of being duped into installing app that has malicious code. Kaspersky Lab, an anti-virus company in Russia, says VKontakte users data has been stolen.
Thousands of Android users were affected. VK (originally VKontakte, Russian: ВКонтакте, literally "in touch") is the largest European social network based in Saint Petersburg, Russia. It is available in several languages, but is especially popular among Russian-speaking users. Hackers used music downloader app called "Music VKontakte" from Google Play Store to steal sensitive information like logins and passwords. Kaspersky Lab researchers said hackers had embedded the malicious code in the app, but users couldn’t notice the difference as it worked without any problems.
Malicious app infected mostly Russian users. According to Kaspersky Lab security researchers, hackers used the majority of stolen data for social media group promotion, without user’s knowledge. In this case it is very difficult for account owners to identify or notice data theft. However, there were some cases when cybercriminals changed the passwords and used accounts for their own purposes and users couldn’t gain access to their VKontakte pages.