Google has deleted nine malicious apps from its Play store after it was established that they were being used to steal personal data from Facebook. The apps reportedly appeared normal and required users to log in using their Facebook accounts. This is common, but in this case, the apps contain trojan malware which is installed right after the users log into their accounts.
The nine apps have cumulatively garnered more than 5.8 million downloads. Although designed to steal Facebook passwords, the report says that the attackers could have easily changed the trojan’s settings and commanded them to load the web page of another legitimate service.
“They could have even used a completely fake login form located on a phishing site. Thus, the trojans could have been used to steal logins and passwords from any service.”
The apps have been removed from Google’s play store, but some people could still have them on their phones or tablets. Check for the nine apps below:
- Processing Photo
- App Lock Keep
- Rubbish Cleaner
- Horoscope Daily
- Horoscope Pi
- App Lock Manager
- Lockit Master
- Inwell Fitness
- PiP Photo
Android users are advised to download apps from trusted developers and pay attention to reviews on the page. If you suspect that the app you are about to download is suspicious, skip it.