Google Play Removes 25 Apps Caught Stealing Facebook Credentials From Users

Google Play Removes 25 Apps Caught Stealing Facebook Credentials From Users

Google Play Removes 25 Apps Caught Stealing Facebook Credentials From Users

Google Play Removes 25 Apps Caught Stealing Facebook Credentials From Users: Evina
  • Most of the malicious apps offered wallpapers, video editing tools
  • Google removed these apps earlier in June
  • It is unclear how the apps avoided Google Play Protect detection

Google is said to have removed 25 apps from its Google Play store that were caught stealing Facebook credentials. According to the French cyber-security firm, Evina, these malicious apps collectively had over 25 lakh downloads. The apps reportedly offered different functionalities, though they used the same method for extracting users’ credentials. Some of the apps had been available on the Google Play store for over two years before they were finally removed, the cyber-security firm highlighted.

The findings were published in a blog post by Evina and were first reported by ZDNet. Google removed the apps earlier in June after the cyber-security firm reported its potential threat in May this year. Most of these malicious apps offered new wallpapers, while others provided video editing tools and flashlight tools. Apps such as Super Wallpapers Flashlight and Padenatef had over 5 lakh downloads each on Google Play.

How did the apps steal Facebook credentials?

According to Evina, once the user launched the contentious app on their smartphone, the malicious app detected what app a user recently opened and had in the phone’s foreground. “If it is a Facebook application, the malware will launch a browser that loads Facebook at the same time. The browser is displayed in the foreground which makes you think that the application launched it,” the cyber-security firm explains.

Once the user put their Facebook login details on the phishing page (which features a black bar instead of a blue bar of the original Facebook app), the malicious then sent the credentials to a remote server. This could potentially allow attackers to access all data stored on the Facebook account or even allow them to access other websites where users’ have logged in via their Facebook account.

Evina, however, has not clarified how these malicious apps avoided detection by Google’s Play Protection service. The full list of these malicious Android apps is listed on Evina’s website.

ZDNet citing the cyber-security firm notes that all of the 25 malicious apps were developed by a single threat group.

Rakesh Sashmal

Related Posts

Microsoft Hardens Latest Windows Version Against Hackers

Comments Off on Microsoft Hardens Latest Windows Version Against Hackers

EaseUS – The Most Affordable Data Recovery Wizard

Comments Off on EaseUS – The Most Affordable Data Recovery Wizard

Powersoft takes control with new ArmoníaPlus software

Comments Off on Powersoft takes control with new ArmoníaPlus software

Microsoft Defender ATP Antivirus App for Android Now Available in Public Preview

Comments Off on Microsoft Defender ATP Antivirus App for Android Now Available in Public Preview

Samsung Showcases New Monitors for Gamers, Professionals Ahead of CES 2019

Comments Off on Samsung Showcases New Monitors for Gamers, Professionals Ahead of CES 2019

What the Superhuman Controversy Reveals About the Shifting Ethics of Software

Comments Off on What the Superhuman Controversy Reveals About the Shifting Ethics of Software

Samsung Says to Shut Down US CPU Research Division

Comments Off on Samsung Says to Shut Down US CPU Research Division

The best free audio editor 2017

Comments Off on The best free audio editor 2017

The importance of industry-relevant skills in software development

Comments Off on The importance of industry-relevant skills in software development

EaseUS Data Recovery Software: Experience the Complete Recovery Package

Comments Off on EaseUS Data Recovery Software: Experience the Complete Recovery Package

Create Account



Log In Your Account