According to a report from Dr. Web, Researchers have discovered nine apps that got more than 5.8 million downloads contained trojan malware that stole Facebook login details.
The apps offered users a disable in-apps ads option by logging into their Facebook accounts. Users who chose the option saw a genuine Facebook login form containing fields for entering usernames and passwords.
These credentials would consequently get “hijacked” through a command server and get passed along the app. In all nine cases, Facebook was the main target but the creators could have easily steered users toward other internet services.
Related; Camscanner and WPS Office among the list of apps to be banned from the Google Play Store
Google has since removed the apps from Play Store, but if you haven’t removed them from your device, they remain a threat to your phone or tablet. If the following apps appear on your handset, you need to uninstall them immediately. They include:
- Processing Photo
- App Lock Keep
- Rubbish Cleaner
- Hororscope Daily
- Horoscope Pi
- App Lock Manager
- Lockit Master
- Inwell Fitness
- PiP Photo
The whole situation begs the question, how did all these apps with easy-to-find titles rack up so many downloads before they were taken down. Google’s automated screening keeps a lot of malware out of the store, but the subtlety of the technique might have aided these rogue apps to slip past defenses.
Whatever the cause, it’s safe to say you should be cautious about downloading apps from unknown publishers no matter how popular they seem.
Next; Google and India’s Jio collaborate on an “ultra-affordable smartphone”, the JioPhone Next
Alfred Gitonga is a passionate tech news writer with a deep interest in smartphones and related technologies. He is a staff writer at Mobitrends.co.ke.
