- Aug 2, 2020
Google intervened to remove nine Android apps downloaded more than 5.8 million times from the company's Play Store after the apps were caught furtively stealing users' Facebook login credentials.
"The applications were fully functional, which was supposed to weaken the vigilance of potential victims. With that, to access all of the apps' functions and, allegedly, to disable in-app ads, users were prompted to log into their Facebook accounts," researchers from Dr. Web said. "The advertisements inside some of the apps were indeed present, and this maneuver was intended to further encourage Android device owners to perform the required actions."
The list of apps are as follows -
- PIP Photo (>5,000,000 installs)
- Processing Photo (>500,000 installs)
- Rubbish Cleaner (>100,000 installs)
- Horoscope Daily (>100,000 installs)
- Inwell Fitness (>100,000 installs)
- App Lock Keep (50,000 installs)
- Lockit Master (5,000 installs)
- Horoscope Pi (>1,000 installs)
- App Lock Manager (10 installs)
In the last link of the attack, the stolen information was exfiltrated to the server using the trojanized applications.