Google has taken down a total of 9 apps from the Playstore that violates the code of conduct. Researchers from the antivirus software firm Dr.Web have discovered that the application contained malicious code which can be used to steal users’ Facebook login credentials. These Android apps have more than 5.8 million combine downloads, they were designed to look like legitimate applications as they were providing photo editing services, exercising, cleaning the storage space, and horoscopes too. However, deep down they were the trojan application that tricks their users to share Facebook credentials.
These apps were pulling off their scheme by letting the users have elevated their position in-app, as they link to their social media account, which is also a common practice nowadays. When the users choose the option to link up with a Facebook account, apps would then open the legitimate Facebook login page and when users typed anything into the login page would go towards the servers controlled by the hackers.
Researchers of Dr. Web explains the process as
The list of infected apps is below, if you have downloaded any of these apps then we strongly recommend you to change your Facebook login information immediately.
- Processing Photo
- Rubbish Checker
- App Lock Manager
- App Lock Keep
- PIP Lock
- Lockit Master
- Inwell Fitness
- Horoscope Daily
- Horoscope Pi
The good news is, these apps no longer appear in Google PlayStore search anymore. Google spokesperson has also made the statements that not only they have taken down the infected applications but also, they have banned the developers from uploading any new applications in the future.