Google has removed from the Play Store apps with 5.8 million downloads that were stealing users’ Facebook login details. Google has banned the developers of all nine apps from the store, meaning they will not be allowed to submit new apps.
The malicious apps offered useful services such as photo editing and framing, exercise and training, horoscopes, and removal of unwanted files from Android devices. They obtained users’ Facebook credentials by offering an option to disable in-app ads if users logged in with their Facebook accounts.
According to a post published by security firm Dr. Web, users who chose the option saw a Facebook login form that required them to fill in their usernames and passwords. The security firm's further analysis of the malicious programs found that the apps received settings for stealing logins and passwords of Facebook accounts.
The apps tricked users by loading the Facebook sign-in page in order to steal their login details and pass them along to the app. The report noted that the malware would also steal cookies from the authorisation session. In each case, Facebook was targeted, but the creators could also have taken advantage of other legitimate internet services by using fake logins on a phishing site.
These Android apps included Rubbish Cleaner, Inwell Fitness and Horoscope Daily, which had nearly 1 lakh downloads each; App Lock Keep and Lockit Master, with 50,000 downloads each; Horoscope Pi, with 1000 downloads; and App Lock Manager, with 10 downloads.