Google just pulled a bunch of password-stealing apps from the Play Store


One of the reasons why you would choose to use Google’s Play Store as your app store of choice is because of the various security measures that Google has in place. The company not only reviews apps that are submitted to the store, but there are also systems in place to ensure that they are free of malware.

Unfortunately, sometimes some apps can somehow slip under the radar, such is the case with a bunch of apps discovered by Dr. Web in which these apps had the ability to trick users into giving up their Facebook passwords. These apps also appeared to be very popular where it was estimated that combined, these apps managed to rack up over 6 million downloads. According to Dr. Web:

“After receiving the necessary settings from one of the C&C servers upon launch, they loaded the legitimate Facebook web page into WebView. Next, they loaded JavaScript received from the C&C server into the same WebView. This script was directly used to hijack the entered login credentials. After that, this JavaScript, using the methods provided through the JavascriptInterface annotation, passed stolen login and password to the trojan applications, which then transferred the data to the attackers’ C&C server.”

Thankfully, Google has since removed all the offending apps from the Play Store. The company has also banned the developer accounts as a result. We’re not sure how many users might have been affected, but if you have downloaded any of these apps and used Facebook to login, then maybe you might want to consider changing your password ASAP.

Source: 9to5Google

Tyler Lee
A graphic novelist wannabe. Amateur chef. Mechanical keyboard enthusiast. Writer of tech with over a decade of experience. Juggles between using a Mac and Windows PC, switches between iOS and Android, believes in the best of both worlds.

    Advertisers are spending more money on Android now, thanks to Apple

    Previous article

    An even cheaper, foldable Samsung smartphone could be unveiled next month

    Next article

    You may also like


    Leave a reply

    Your email address will not be published. Required fields are marked *

    More in Apps