Google has reportedly pulled 25 applications from its Play Store after French cyber security company Evina alleged users’ passwords were stolen from Facebook. The firm also reported that these 25 apps were downloaded some 2.34 million times in total by the time they were taken down. It’s also noted that the same community developed these apps.
And though all the products and features appeared different, they served the same purpose under the hood. As mentioned, those apps were from various genres. Although some were phase counters, image editors, apps for video editors, some were applications for wallpapers, applications for flashlights, file managers and mobile games.
Here’s the list of applications removed from the Google Play Store now:
Super Wallpapers Flashlight
Contour level wallpaper
Iplayer & iwallpaper
Super Bright Flashlight
Accurate scanning of QR code
Classic card game
Junk file cleaning
Daily Horoscope Wallpapers
Anime Live Wallpaper
iHealth step counter
Of these, Flashlight and Padenatef Super Wallpapers were the only applications that were downloaded 500,000 times. Most have been downloaded 100,000 times while the last three have been downloaded about 100 times.
Such devices contained malicious code detecting which device is being opened in the background and in the front. If it’s Facebook, the malicious software will view a web browser window overlaid on top of the Facebook app and load the fake login tab. Then, the user gives his / her credentials to think of it as a legit website.
Both of these apps were reported to Google in May, and were withdrawn earlier this month by the company. While the Play Store is now marginally safer with such apps gone, what remains, however, is that with Google’s strict device approval procedures, there are these applications still finding their way to the Play Store.