- Recently, Google bans total of nine apps from its App Store.
- All these apps stole users’ Facebook login credentials.
- The apps have approximately 5.9 million combined downloads
Google removes nine apps from its Play store yesterday. This step was taken after researchers showed that they sneakily stole users’ Facebook login credentials. The apps were reported for stealing the Facebook id, Facebook password, and cookies.
All these apps were hidden under names that sounded like everyday utility tools and apps. These include Rubbish Cleaner and Horoscope Daily.
Report of Data Stealing
Cybersecurity website Dr Web recently shared a report. According to the analysts, they have discovered multiple apps on the Google Play Store which are stealing the Facebook user’s login and password details.
As per the report, these apps were equipped with a Trojan virus that secretly hijacks Facebook login details.
The apps invite the users for disabling in-app advertisements by connecting their Facebook profiles. However, when the user initiates the process he can see a genuine Facebook login page.
After putting in the login details, the hijackers immediately steal all the data including the user’s Facebook password. These apps also reportedly stole cookies from the users’ mobile to the hijackers.
List of Apps
- PIP photo
- Processing Photo
- Rubbish Cleaner
- Inwell Fitness
- Horoscope Daily
- App Lock Keep
- Lockit Master
- Horoscope Pi
- App Lock Manager
According to a report, the malicious apps had approximately 5.9 million combined downloads on the Google Play store. PIP Photo alone having 5.8 million downloads — and had five different variants of malware.
The malware variants identified by Dr. WebWeb are Android.PWS.Facebook.13, Android.PWS.Facebook.14, Android.PWS.Facebook.15, Android.PWS.Facebook.17, and Android.PWS.Facebook.18
If you have donloaded any of these apps. We will advise you to get rid of these apps and change your Facebook password. Also make sure that you have two factor authentication enabled on your Facebook account so that nobody can login remotely without you finding out.
Do not download any app from an unknown developer, regardless of how many downloads the app might have.
Thanks for reading!
Stay Connected for more latest updates