Android phones with Google Play Store are sold five times more than that of any other smartphones. Therefore, the number of apps on Android Play Store is considerably high as compared to Apple’s App Store. With more rigorous activity in the development of app, it is highly possible that Google Play Store may have a lot of malicious apps in its database. Predictably, this allows many malicious apps to pass through the review process much more easily and remain on the Play Store until reported for fraudulent activities.
Google, however, acts very promptly in removing these malicious apps, especially when it comes to serious allegations like phishing. The internet giant has now taken down 25 apps for deceiving users and acquiring their logging Facebook login credentials.
French cyber-security agency Evina recently reported 25 malicious apps to Google in May for siphoning off users’ Facebook login details. This was accomplished by creating a faux login page on top of the actual Facebook’s login page. The malicious elements were disguised by legit functionality in these apps. Evina notes that these apps were masquerading as wallpaper apps, image and video editors, flashlight apps, games, and file managers on the Google Play Store.
How did the apps steal Facebook credentials?
According to Evina, once the user launched the contentious app on their smartphone, the malicious app detected what app a user recently opened and had in the phone’s foreground. “If it is a Facebook application, the malware will launch a browser that loads Facebook at the same time. The browser is displayed in the foreground which makes you think that the application launched it,” the cyber-security firm explains.
The French agent also told ZDNet that some of these malicious apps had been on the Google Play Store for over a year. Google removed them after validating the findings in early June. While removing apps from the Google Play Store, Google also disables them on users’ smartphones and informs them through the Play Protect feature.
The list of apps removed by Google Play Store
|App Name||Package||No of installs|
|Super Wallpapers Flashlight||com.wallpaper.flashlight.compass||500000+|
|Contour level wallpaper||com.communication.walllevel||100000+|
|iPlayer & iWallpaper||com.ldl.videoedit.iwallpapers||100000+|
|Super Bright Flashlight||com.tqyapp.sb.flashlight||100000+|
|Accurate scanning of Meade||com.tqyapp.qr||50000+|
|Classic card game||com.card.solitairenew||50000+|
|Junk file cleaning||com.xdapp.cleaning||50000+|
|Daily Horoscope Wallpapers||com.tianqiyang.lww.constellation||10000+|
|Anime Live Wallpaper||com.tqyapp.chuangtai||100|
|iHealth Step Counter||com.tiantian.lang.tencent||–|