Several popular apps with millions of downloads combined were found to be stealing Facebook login information. Google is now removing them from the Play Store.
These malicious apps have over 5.8 million downloads combined
Researchers at Dr. Web discovered nine apps that were tricking users into revealing their Facebook login details. These were fully functional apps that offered photo editing, exercise, junk file removal and even horoscopes. They were no different from the countless other apps on the Play Store that provide similar functions.
Users were told they could remove in-app ads by logging into their Facebook accounts. Those who chose that option were shown a genuine Facebook login form, where they entered their username and password.
The login information entered by users would then be hijacked and sent to the attackers’ server. The attackers could have used this method to steal login information for any other online service. However, Facebook was the only target in all of these apps.
The nine apps have more than 5.8 million downloads combined. It’s surprising that the apps were able to carry on undetected for so long; the techniques they used are the likely reason they were able to fly under the radar.
A spokesman for Google confirmed to Ars Technica that these apps have been removed and that the developers have also been banned from the store. That being said, there’s nothing stopping them from opening up a developer account under a different name since it only has a one-time fee of $25.
If you downloaded any of these apps on your Samsung Galaxy phone, uninstall them immediately and check your Facebook account for any unauthorized activity. Always remember to be careful when downloading apps from relatively unknown developers no matter how many reviews they might have.