Google Play Store Removes 25 Apps That Steal Facebook Credentials



Google has reportedly pulled 25 applications from its Play Store after French cyber security company Evina alleged users’ passwords were stolen from Facebook. The firm also reported that these 25 apps were downloaded some 2.34 million times in total by the time they were taken down. It’s also noted that the same community developed these apps.

And though all the products and features appeared different, they served the same purpose under the hood. As mentioned, those apps were from various genres. Although some were phase counters, image editors, apps for video editors, some were applications for wallpapers, applications for flashlights, file managers and mobile games.

Here’s the list of applications removed from the Google Play Store now:

Super Wallpapers Flashlight

Padenatef

Wallpaper Level

Contour level wallpaper

Iplayer & iwallpaper



Video maker

Color Wallpapers

Pedometer

Powerful Flashlight

Super Bright Flashlight

Super Flashlight

Solitaire

Accurate scanning of QR code

Classic card game

Junk file cleaning



Synthetic Z

File Manager

Composite Z

Screenshot capture

Daily Horoscope Wallpapers

Wuxia Reader

Plus Weather

Anime Live Wallpaper

iHealth step counter

Com.tyapp.fiction

Of these, Flashlight and Padenatef Super Wallpapers were the only applications that were downloaded 500,000 times. Most have been downloaded 100,000 times while the last three have been downloaded about 100 times.

Such devices contained malicious code detecting which device is being opened in the background and in the front. If it’s Facebook, the malicious software will view a web browser window overlaid on top of the Facebook app and load the fake login tab. Then, the user gives his / her credentials to think of it as a legit website.

Both of these apps were reported to Google in May, and were withdrawn earlier this month by the company. While the Play Store is now marginally safer with such apps gone, what remains, however, is that with Google’s strict device approval procedures, there are these applications still finding their way to the Play Store.

Melina Richardson
Melina Richardson is a Cyber Security Enthusiast, Security Blogger, Technical Editor, Certified Ethical Hacker, Author at Cybers Guards. Previously, he worked as a security news reporter.