These 25 apps were removed from Google Play Store for stealing your Facebook data

You should remove these apps from your phone right now if you have them

Highlights
  • These 25 apps were found stealing users’ Facebook login data
  • The malware-infected apps have been removed from Google Play Store

Google has yet again taken action against fraudulent apps that were caught stealing users’ data. The search-engine giant has removed as many as 25 apps from the Google Play Store after French security firm Evina reported that they were found infected with a malware that could steal Facebook logins. Less than a month ago, Google took similar action against over 30 popular apps, including the ones that add beauty filters to your photos. The 25 new apps identified with malware are no longer available for download via Google Play Store, but the millions of users who have already downloaded them need to make sure they remove them from their phones to secure themselves.

You should delete these apps from your phone if you have them

APPSINSTALLS
Super Wallpapers Flashlight5,00,000
Padenatef5,00,000
Wallpaper Level1,00,000
Contour level wallpaper1,00,000
iPlayer & iWallpaper1,00,000
Video Maker1,00,000
Color Wallpapers1,00,000
Super Bright Flashlight1,00,000
Solitaire Game1,00,000
Accurate Scanning of QR Code50,000
Classic card game50,000
Junk file cleaning50,000
Synthetic Z50,000
File manager50,000
Composite Z50,000
Screenshot capture10,000
Daily Horoscope Wallpapers10,000
Wuxia reader10,000
Plus weather10,000
Anime Live wallpaper100
iHealth Step CounterN/A
com.tqyapp.fictionN/A


These apps, which are made to look like everything from general wallpaper and flashlight apps to mobile games, were found with a malware that could steal your Facebook login credentials.

“When an application is launched on your phone, the malware queries the application name. If it is a Facebook application, the malware will launch a browser that loads Facebook at the same time. The browser is displayed in the foreground which makes you think that the application launched it. When you enter your credentials into this browser, the malware executes java script to retrieve them. The malware then sends your account information to a server.”

The apps bypass the Google security protocols by allegedly using “packers” that are hidden in the APK in the form of extra DEX files and foreign language such as Arabic, which reduces the readability for people. Additionally, even if Google takes action against the sketchy apps, the fraudsters develop a more robust mechanism to avoid detection and removal.