As per a recent report, Google has pulled out 9 malicious Android apps from the Google Play Store that are stealing Facebook users login and passwords. One of the apps from the list had millions of users that disabled in-app ads by logging into their Facebook account.
Google LLC has finally discarded all these 9 Android apps from the Play Store, first discovered by Doctor Web’s malware analysts. According to its reports, these malicious apps were stealing Facebook users’ credentials, including logins and passwords details. These stealer trojans were spread as harmless software and were installed more than 5,856,010 times.
However, the analysts have discovered a total of 10 trojan apps out of which 9 were available on Google Play. Processing Photo which is a photo editing software was found as Android.PWS.Facebook.13 was spread by the developer chikumburahamilton. It was installed over 500,000 times.
The report stated that “applications that enabled access limitations for using other software installed on Android devices: App Lock Keep from the developer Sheralaw Rence, App Lock Manager from the developer Implummet col, and Lockit Master from the developer Enali mchicolo―all detected as Android.PWS.Facebook.13. They were downloaded at least 50,000, 10 and 5,000 times respectively.”
Another Rubbish Cleaner from the developer SNT.rbcl which poses as a utility to optimize the Android device performance was identified as Android.PWS.Facebook.13 has been downloaded over 100,000 times.
Astrology programs- Horoscope Daily from the developer HscopeDaily momo and Horoscope Pi from the developer Talleyr Shauna, are also detected as Android.PWS.Facebook.13. The former one is said to have more than 100,000 installs while the latter―more than 1,000 installs.
After identifying the web security specialist reported to Google. Then Google took the initiative to remove part of these malicious applications from Google Play.
Doctor Web reported that its specialists during the investigation of these stealer trojans or applications have discovered that an earlier modification that was spread through Google Play under the guise of an image editing software called EditorPhotoPip, which has already been removed from the official Android app store but still available on software aggregator websites. This modification was added to the Dr.Web virus database as Android.PWS.Facebook.15.
Investigation revealed that they all received settings for stealing logins and passwords of Facebook accounts. Having said that, the attackers could have easily changed the trojans’ settings and commanded them to load the web page of another legitimate service. They could have even used a completely sham login form located on a phishing site. Hence, the trojans could have been utilised to steal logins and passwords from any service.
How to identify and stay protected from malicious Android apps?
It is recommended that Android users should always install apps from known sources or trusted developers on Google Play. They should also watch out for other user reviews. Though the review could not be considered genuine and does not guarantee that apps are harmless but can still alarm you about potential threats. You should also be careful when and which app asks you to login into your account. If still unclear you should better not install the app or when found something suspicious you should immediately uninstall the program from your device.
For the latest gadget and tech news, and gadget reviews, follow us on Twitter, Facebook and Instagram. For newest tech & gadget videos subscribe to our YouTube Channel. You can also stay up to date using the Gadget Bridge Android App.