Almost 25 Android apps were deleted from the Google Play store recently after French cybersecurity firm Evina alerted the tech giant about some apps which were found to have been stealing Facebook login details of the users.
As per the security firm's findings, the apps came with malware which kept a record of Facebook login details when victims use it from their phone. The shocking part is all these apps have gained a total of over 2.3 million downloads. Most of these apps used to offer services like file managers, flashlights, wallpaper management, screenshot editor, and weather.
Data Theft
After the installation process, a malicious code hidden within the code waits until the user launches Facebook to start stealing the personal data of the victim. These apps can mimic Facebook's login page by overlaying a web browser window on top of the official app of the social media giant.
Later, when users type the username and the password, the information can then be sent to the hackers. Lionel Ferri, Evina CTO said that it is a technique that points out the danger and reflects how important it is to protect your own privacy. He said, "It can not be identified by Facebook as the malware displays in front of the legit app when it is launched."
After the removal of these malicious apps from the Play Store, Evina has advised all Android users to delete these apps from their phones if they installed them before Google's clean up to ensure their data safety. This is because Google has removed them from its platform but these apps need to be deleted manually from users' phones if downloaded earlier. The security firm also advised users to change the Facebook password if they have any of these apps downloaded previously.