These Android apps - downloaded over 2 million times - have been stealing your data

A list of these 25 apps have been removed from Google Play Store

Android phones
(Image credit: mirtmirt / Shutterstock.com)

Despite the precautions Google takes to keep malicious apps out of its Play Store, there are always new ones trying to slip through, and a batch of 25 have just been removed after Google was alerted to their presence on the platform. 

The apps were from a single group attempting to get their hands on users' Facebook login data with benign-looking apps ranging from wallpaper, to flashlights, to games, and were available to download in the Play Store since last year, before being taken down last month. Understandably, users will want to check if they were a victim of the malware, so here's the full list of apps that Google booted out:

Malware apps

(Image credit: Evina)

French cybersecurity firm Evina alerted Google about the nefarious apps in May, but they weren't removed until June, and have had over two million downloads during the time they were live on the Play Store. Explaining how the apps worked, Evina explains:

"When an application is launched on your phone, the malware queries the application name. If it is a Facebook application, the malware will launch a browser that loads Facebook at the same time. 

"The browser is displayed in the foreground which makes you think that the application launched it. When you enter your credentials into this browser, the malware executes java script to retrieve them. The malware then sends your account information to a server."

It's worth checking user reviews for unknown apps before you download them, as the ones Evina flagged up featured reviews from disgruntled victims warning others not to make the same mistake. 

In instances like this, Google also disables apps on the user side, and notifies those affected via the Play Store’s Play Protect service, so if you downloaded any of the listed apps, you should have been given the heads up.

Source: BGR