Google has removed nine apps from its Play Store after researchers showed they secretly stole users’ Facebook log-in credentials. The apps were disguised under names that sounded like everyday utilities, including Rubbish Cleaner and Horoscope Daily. According to a report, the malicious apps had around 5.9 million combined downloads on the Google Play store, with PIP Photo alone accounting for 5.8 million. The apps contained five different types of malware. Google had earlier removed three apps made for children for violation of privacy.
Dr. Web, an antivirus service, reports that its malware analysts discovered nine suspicious apps: Processing Photo, App Lock Keep, Rubbish Cleaner, Horoscope Daily, Horoscope Pi, App Lock Manager, Lockit Master, Inwell Fitness, and PIP Photo. These nine apps allegedly acted as Trojan malware: they offered users the option to disable ads by logging in through their social media accounts, then stole the Facebook log-in credentials that users entered. Dr. Web’s report was seen by Ars Technica.
The malware variants identified by Dr. Web are Android.PWS.Facebook.13, Android.PWS.Facebook.14, Android.PWS.Facebook.15, Android.PWS.Facebook.17, and Android.PWS.Facebook.18.
A Google spokesperson told Ars Technica that the company has also banned the developers of all nine apps from the Google Play store, which blocks these developer accounts from publishing any new apps to the market. This is a positive move from Google, but a new developer account under a different name can be created for a nominal fee of $25 (approximately Rs 1,900).
Users are advised not to download any app from an unknown developer, irrespective of how many downloads the app has. In this case, PIP Photo had the most downloads at 5.8 million, followed by Processing Photo at 500,000. Any user who has downloaded these apps should thoroughly check their device and Facebook account for suspicious activity.