Google has removed nine Android apps from its Playstore after malware analysts discovered they were stealing Facebook users' login credentials.
The apps, which were collectively installed nearly six million times, have been described as 'stealer Trojans' by malware analysts at Dr. Web and were spread as harmless software, reports said. These apps, which sounded like everyday utility apps and tools, provided services such as photo editing, exercises, horoscopes, etc.
The apps included PIP Photo, installed nearly five million times, Processing Photom installed half a million times. It list also included Rubbish Cleaner, Horoscope Daily, and Inwell Fitness, which were installed nearly 100,000 times, and App Lock Keep, which was installed 50,000 times. The other apps included Lockit Master, Horoscope Pi, and App Lock.
A report said that in these apps, users used to disable in-app ads by logging into their Facebook accounts. “The advertisements inside some of the apps were indeed present and this maneuver was intended to further encourage Android device owners to perform the required actions," the malware analysts said, Silicon Angle quoted.
The report said that these apps also could have targeted other accounts on service and not only Facebook.
“The attackers could have easily changed the trojans’ settings and commanded them to load the web page of another legitimate service,” the analysts said, and added, “They could have even used a completely fake login form located on a phishing site. Thus, the trojans could have been used to steal logins and passwords from any service.”
Google has not made a public statement on the apps yet.