Skip to content

Google removes 25 apps that steal Facebook users’ data

Google has removed a total of 25 apps in the Google Play Store which are said to steal users’ Facebook data. This follows a report from a French cybersecurity firm Evina, that says the apps can access Facebook usernames and passwords when downloaded. 

The report says all 25 applications send Stolen Facebook credentials to a central server and seem to be from a single developer. Some of them have hundreds of thousands of downloads and several users have complained about them in user reviews.

How Facebook credentials get stolen

The malware responsible for stealing Facebook credentials launches a browser that opens Facebook whenever a user tries to launch a Facebook application. The browser appears on top which makes the user believe it is the application they launched. Facebook is unable to identify the malware because of this behaviour and so can not stop the process.

The login credentials are stolen as soon as they enter it and sent to a third party. Applications in which this malware is embedded include:

  • Super Wallpapers Flashlight
  • Padentaef
  • Wallpaper Level
  • Contour Level Wallpaper
  • iPlayer & iWallpaper
  • Video Maker
  • Color Wallpapers
  • Pedometer
  • Powerful Flashlight
  • Super Bright Flashlight
  • Super Flashlight
  • Solitaire Game
  • Accurate scanning of QR code
  • Classic Card Game
  • Junk File Cleaning
  • Synthetic Z
  • File Manager
  • Composite Z
  • Screenshot Capture
  • Daily Horoscope Wallpapers
  • Wuxia Reader
  • Plus Weather
  • Anime Live Wallpaper
  • iHealth Step Counter
  • Com.tqyapp.fiction

Google has since removed all the applications and also disabled the apps on the user end after removing them from the store.

Attacks on mobile devices becoming common

Mobile phones have become targets for attacks from different applications recently. Google removed 38 applications from its play store just last month for after malware-related behaviour was detected. Like these 25, there were several victims who used the apps. 

Android phone users were the primary targets as is usually the case and security experts advise that users should be security conscious when installing third-party applications.

Best Crypto Exchange for Intermediate Traders and Investors

  • Invest in cryptocurrencies and 3,000+ other assets including stocks and precious metals.

  • 0% commission on stocks - buy in bulk or just a fraction from as little as $10. Other fees apply. For more information, visit etoro.com/trading/fees.

  • Copy top-performing traders in real time, automatically.

  • eToro USA is registered with FINRA for securities trading.

30+ million Users
Securities trading offered by eToro USA Securities, Inc. (“the BD”), member of FINRA and SIPC. Cryptocurrency offered by eToro USA LLC (“the MSB”) (NMLS: 1769299) and is not FDIC or SIPC insured. Investing involves risk, and content is provided for educational purposes only, does not imply a recommendation, and is not a guarantee of future performance. Finbold.com is not an affiliate and may be compensated if you access certain products or services offered by the MSB and/or the BD

Read Next:

Finance Digest

By subscribing you agree with Finbold T&C’s & Privacy Policy

Related posts

Sign Up

or

By submitting my information, I agree to the Privacy Policy and Terms of Service.

Already have an account? Sign In

Services

IMPORTANT NOTICE

Finbold is a news and information website. This Site may contain sponsored content, advertisements, and third-party materials, for which Finbold expressly disclaims any liability.

RISK WARNING: Cryptocurrencies are high-risk investments and you should not expect to be protected if something goes wrong. Don’t invest unless you’re prepared to lose all the money you invest. (Click here to learn more about cryptocurrency risks.)

By accessing this Site, you acknowledge that you understand these risks and that Finbold bears no responsibility for any losses, damages, or consequences resulting from your use of the Site or reliance on its content. Click here to learn more.