These Android apps appear normal but steal your Facebook password; uninstall them immediately
According to a security report by Dr.Web (via ArsTechnica), Google has given nine Android apps "the chop" and have had them removed them from the Google Play Store. The apps, downloaded 5.8 million times in aggregate, pulled users into a false sense of security by performing tasks like the removal of certain files, providing horoscopes, performing photo editing and more.
But while these apps were fully functional, they did require users to log into their Facebook accounts to work. And that is how the trojan malware inside these apps would go ahead and steal Facebook passwords from the victims.
By demanding that users log-in to their Facebook account, the malware was stealing their passwords
While the malware was set to steal Facebook passwords, the report notes that "the attackers could have easily changed the trojans' settings and commanded them to load the web page of another legitimate service. They could have even used a completely fake login form located on a phishing site. Thus, the trojans could have been used to steal logins and passwords from any service."
The nine apps may have been removed from the Google Play Store, but if you've never removed them from your device, they remain a threat to your phone or tablet. If you see that they are on your handset or slate, you need to uninstall them immediately. The nine apps include:
- Processing Photo
- App Lock Keep
- Rubbish Cleaner
- Hororscope Daily
- Horoscope Pi
- App Lock Manager
- Lockit Master
- Inwell Fitness
- PiP Photo
And if you want advice from the Doctor, Dr. Web recommends that "Android device owners install applications only from known and trusted developers, as well as to pay attention to other user reviews. The reviews cannot provide an absolute guarantee that the apps are harmless but can still alarm you about potential threats. You should also pay attention to when and which apps ask you to login into your account."
Without patting ourselves on the back, we often have suggested that looking at the reviews of an app is one of the best ways of finding red flags alerting you to give an app a wide berth. Dr.Web also says that "if you are not sure that what you are doing is safe, it would be better for you not to proceed any further and uninstall the suspicious program."