Google Play has removed these 9 apps that stole Facebook passwords from their users and accumulated nearly six million downloads
If it is well known that the App Store outperforms the Play Store, it is in the security of its contents. Analysis of the team of cyber security specialists for Dr. Web Antivirus, Trojans found in nine apps that have now been removed from the Play Store.
seen by Ars TechnicaMany apps have been downloaded millions of times from the Play Store, through which their developers obtained access data of Facebook users.
The apps pretend to be generic software, from photo editing to device cleaning, and there’s even a horoscope app. The applications are the following:
- Processing image downloaded more than 500,000 times
- App Lock Keep downloaded 50,000 times
- App Lock Manager downloaded 10 times
- Lockit Master has been downloaded 5000 times
- Trash cleaner that has been downloaded over 100,000 times
- Hroscope Daily has been downloaded over 100,000 times
- Inwell Fitness, which has been downloaded over 100,000 times
- PIP photo, the most popular on the list, has accumulated more than five million times
Ars Technica It reiterates that the apps provided users with the option to access their Facebook account from each app as a way to remove their ads. However, the credentials were hacked by javascript as well as the initiated session cookies.
Google ensures that, in addition to eliminating apps, it has also banned their developers. The recommendation to users who have downloaded any of the apps is to immediately change their password and be aware of any indication of unauthorized access.
“Evil coffee nerd. Analyst. Incurable bacon practitioner. Total twitter fan. Typical food aficionado.”