Recently, Dr. Web analysts discovered some Android apps that were stealing Facebook login details from devices. These apps had over 5.8 million combined downloads. Now Google has removed these apps from the Play Store after it was informed.
Here’s the list of apps that Google removed for stealing Facebook login details.
- Processing Photo
- App Lock Keep
- App Lock Manager
- Lockit Master
- Rubbish Cleaner
- Horoscope Daily
- Horoscope Pi
- Inwell Fitness
- PIP Photo
These apps were tricking users by showing them a real Facebook sign-in page. This sign-in page was being used to steal credentials and pass it to the app server. All the apps used the same JavaScript code and configuration file formats to steal information.
Even if all these apps were trying to steal Facebook login details, the code can be modified to steal login details of any other legitimate web platform.
Google has not just removed these apps but also banned these developers from the Play Store. But any of these developers can create a new developer account. So, Google should now work harder to improve its malware detection algorithm.
