Google has scrambled to remove a series of Android apps that have seriously breached privacy rules, with malware analysts identifying nine Google Play Store apps that have been secretly pinching users’ Facebook login details.
Before they were removed, the apps collectively ran up over 5.8 million downloads. The trojans stole Facebook users' passwords by hoodwinking victims into entering their private credentials to bypass in-app ads.
Google has since removed nine apps from the Google Play Store after Russian anti-malware software company Dr.Web discovered the credential-stealing trojan applications, as reported by Ars Technica. While you may have hoped that these nefarious apps were confined to a few Google Play Store oddities, you'd be mistaken. Instead, the malware was found lurking in a range of fully functional apps, including exercise and training apps, photo editing and daily horoscopes.
The bad actors used seemingly innocuous apps to secure users' trust before offering to remove in-app ads if a user logged in through Facebook. The victims' credentials would then be harvested at the crooks' servers and used to compromise Facebook accounts.
Google's clean-up job appears to have been very thorough, with Google reportedly permanently banning the apps' developers. Despite this, it's certainly worth checking your Android phones for any of the listed apps, and immediately deleting them if you happen to still have them on your device.
Below is a list of the trojan Android apps to watch out for:
- App Lock Keep
- Lockit Master
- Horoscope Pi
- App Lock Manager
- PIP Photo
- Processing Photo
- Rubbish Cleaner
- Inwell Fitness
- Horoscope Daily
Other information from the Dr.Web analysts shows that a further trojan app was found, one that had already been identified on the Google Play Store some time ago. According to the researchers, the image editing app EditorPhotoPip had been removed by Google before but had managed to accrue more downloads from unsuspecting users through aggregator websites.
Once you have properly removed any of the implicated apps that may be lurking on your smartphone, it's best to also change your Facebook password, alongside the logins for any applications that share the same or similar login information.
Be cautious of all apps unless they are well-known. In an ideal world, apps from unknown developers shouldn't be downloaded at all, at least until there are more rigorous safeguards that can prevent bad actors from invading the Google Play Store. That halcyon place, however, seems a while away for now.