Google Play Store is home to millions of apps that make our phones useful in many ways. And while Google is doing its best to make sure there are no harmful apps in its app market, some inevitably run away.
Fortunately, Google is not the only company looking for malicious applications. Cybersecurity firm Evina is also searching and testing applications to detect any malware that may be lurking within and recently released a list of 25 apps that stole users’ Facebook credentials. Since then, the apps have been removed from the Google Play Store, but if you have any on your device, it’s time to remove them.
The list (included below) contains applications with very different functionalities: from card games to file managers, step counters and even a flashlight application. Combined, they accumulated more than 2 million downloads and all contained the same malicious code.
The list of dangerous apps that you should remove immediately
The way the malware works is by waiting for the user to start an application created by Facebook. Then it quickly opens a new browser tab with a fake Facebook login page and displays it on top of the app that was initially launched. Then, users would enter their Facebook login details and the malware would copy them and send it to their designated server. Obviously tech savvy users will likely spot the change and not fall for that trick, but kids or seniors using an Android phone for the first time will easily accept and compromise their Facebook account.
That is why it is important to always make sure that the applications you are installing are legitimate, which can usually be done by looking at the comments to see if there is any warning about it. That was the case for most of the apps in the list above, but still, the overall rating of the apps was high enough for people to consider downloading them.
