Google has removed nine Android apps that had been downloaded more than 5.8 million times from the Play Marketplace after researchers said these apps used a sneaky way to steal users’ Facebook credentials.
In an effort to gain users’ trust and lower their guard, the apps provided fully functional services for photo editing and framing, exercise and training, horoscopes, and removal of junk files from Android devices, according to a post published by security firm Dr. Web. All identified apps offered users the option to disable in-app ads by logging into their Facebook accounts. Users who chose the option saw a real Facebook login form with fields for entering usernames and passwords.
Then, as Dr. Web researchers wrote:
Analysis of the malicious programs showed that they all received settings for stealing logins and passwords from Facebook accounts. However, the attackers could have easily changed the Trojan’s settings and instructed them to load the web page of another legitimate service. They may even have used a completely fake login form on a phishing site. Thus, the trojans could have been used to steal logins and passwords from any service.
Dr. Web identified the variants as:
Most downloads were for an app called PIP Photo, which has been opened more than 5.8 million times. The app with the next greatest reach was Process photo Foto, with over 500,000 downloads. The other apps were:
A Google Play search shows that all apps have been removed from Play. A Google spokesperson said the company has also banned developers of all nine apps from the store, meaning they are not allowed to submit new apps. That’s the right thing for Google to do, but nevertheless it’s only a minimal hurdle for the developers, as they can easily sign up for a new developer account under a different name for a one-time fee of $25.
Anyone who has downloaded any of the above apps should thoroughly examine their device and their Facebook accounts for signs of compromise. It’s also not a bad idea to download a free Android antivirus app from a well-known security company and scan the device for additional malicious apps. The offering from Malwarebytes is my favourite.