Nine Android apps that have been downloaded more than 5.8 million times from Google’s Play Store were discovered to have been stealing users’ Facebook login details.
Security firm Doctor Web published a report identifying the nine trojan apps, and Google has since removed them from the Play Store. Google has also banned the developers of these apps, which means they are unable to submit any new apps.
“The applications were fully functional, which was supposed to weaken the vigilance of potential victims. With that, to access all of the apps’ functions and, allegedly, to disable in-app ads, users were prompted to log into their Facebook accounts,” researchers from Dr. Web stated. “The advertisements inside some of the apps were indeed present, and this maneuver was intended to further encourage Android device owners to perform the required actions.”
Here is the list of malicious apps mentioned in the report:
- PIP Photo (>5,000,000 installs)
- Processing Photo (>500,000 installs)
- Rubbish Cleaner (>100,000 installs)
- Horoscope Daily (>100,000 installs)
- Inwell Fitness (>100,000 installs)
- App Lock Keep (50,000 installs)
- Lockit Master (5,000 installs)
- Horoscope Pi (>1,000 installs)
- App Lock Manager (10 installs)
If you have any of these applications installed on your phone, it is advisable to uninstall them and change your Facebook login details.
Although this campaign specifically targeted Facebook accounts, Dr. Web researchers have warned that the attack could easily have been expanded to load the login page of any legitimate web platform and steal login details for a variety of services.