Home > Cyber News > 25 Malicious Android Apps in Play Store Were Stealing Facebook Logins

25 Malicious Android Apps in Play Store Were Stealing Facebook Logins

How safe do you think your Facebook password is? If you have used one of the 25 Android apps Google just removed from Google Play Store, your Facebook credentials were stolen.

The findings come from French cybersecurity firm Evina which also revealed that the 25 malicious apps were masqueraded as image editors, wallpaper apps, flashlight, apps, games, and were all created by the same developer. All apps worked the same way despite promising different functionalities. Some of them had been available on Google Play Store for more than a year before they were removed.

How many times were the apps downloaded? Apparently, more than 2.34 million times which makes the number of potential victims quite big. All apps contained malicious code that detected recently opened apps on targeted devices as well as apps running in the foreground.

The apps were stealing Facebook credentials

In case the malicious code detected that the Facebook app was running, the malicious app would overlay a web browser window on top of the official app to load a fake Facebook login page. In case the user is tricked by the malicious overlay and entered his credentials, the malicious app would harvest the data and send it to a remote server at a specific location.

The good news is that the researchers reported the 25 apps they found were containing the malicious code at the end of May. Google has already removed them. It is noteworthy that when Google removes malicious applications from its app store, it also disables the apps on users’ devices and notifies users via the Play Protect service.

Here’s a list of the apps provided by Evina researchers:

In 2017, Kaspersky discovered 85 apps that were infected with malware designed to steal passwords for social networks. Obtained passwords could have been used in various malicious scenarios, including account takeovers and distribution of the so-called Facebook viruses.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree