Google has removed a total of 25 apps in the Google Play Store which are said to steal users’ Facebook data. This follows a report from a French cybersecurity firm Evina, that says the apps can access Facebook usernames and passwords when downloaded.
The report says all 25 applications send Stolen Facebook credentials to a central server and seem to be from a single developer. Some of them have hundreds of thousands of downloads and several users have complained about them in user reviews.
How Facebook credentials get stolen
The malware responsible for stealing Facebook credentials launches a browser that opens Facebook whenever a user tries to launch a Facebook application. The browser appears on top which makes the user believe it is the application they launched. Facebook is unable to identify the malware because of this behaviour and so can not stop the process.
The login credentials are stolen as soon as they enter it and sent to a third party. Applications in which this malware is embedded include:
- Super Wallpapers Flashlight
- Padentaef
- Wallpaper Level
- Contour Level Wallpaper
- iPlayer & iWallpaper
- Video Maker
- Color Wallpapers
- Pedometer
- Powerful Flashlight
- Super Bright Flashlight
- Super Flashlight
- Solitaire Game
- Accurate scanning of QR code
- Classic Card Game
- Junk File Cleaning
- Synthetic Z
- File Manager
- Composite Z
- Screenshot Capture
- Daily Horoscope Wallpapers
- Wuxia Reader
- Plus Weather
- Anime Live Wallpaper
- iHealth Step Counter
- Com.tqyapp.fiction
Google has since removed all the applications and also disabled the apps on the user end after removing them from the store.
Attacks on mobile devices becoming common
Mobile phones have become targets for attacks from different applications recently. Google removed 38 applications from its play store just last month for after malware-related behaviour was detected. Like these 25, there were several victims who used the apps.
Android phone users were the primary targets as is usually the case and security experts advise that users should be security conscious when installing third-party applications.
