Google Removes Nine Malicious Apps From Play Store

Google Removes Nine Malicious Apps From Play Store

Sharing is caring!

Google has banned nine apps from the Play Store, totaling 5.8 million downloads, accused of stealing users’ Facebook login credentials and passwords. According to reports, the search engine giant Google has banned the developers of all nine apps from the store, where they will not be allowed to submit new applications.

The malware applications proposed useful administrations such as – photo editing and framing, exercise and training, horoscopes, and removing unwanted documents from Android gadgets. In addition, these malicious apps obtained everything they wanted from users’ Facebook credentials by giving them the option to turn off in-application advertisements if they signed in from their Facebook accounts.

According to a post released by security firm Dr. Web, users who chose the option saw a Facebook login structure that asked them to fill in their usernames and passwords. The security firm also looked into the malicious programs to know whether they had any settings for obtaining Facebook login credentials and passwords.

The apps worked by duping users into thinking they were visiting the official Facebook sign-in page, only to load a JavaScript from a command and control server that would steal their credentials. These Facebook user’s credentials were passed along to the app, which was then sent to the command server, with the app also stealing the cookies from the authorization session. While the apps had always targeted Facebook, the makers could have used the same method to target other internet services. The apps used five different variants of the malware, but the JavaScript code and the configuration file formats used for stealing the data were the same for all of them.

However, these Android apps included Rubbish Cleaner, Inkwell Fitness, Horoscope Daily, which each had roughly a million downloads, and App Lock Keep and Lockit Master, which each had 50,000 downloads. In addition, horoscope Pi has 1000 downloads, whereas App Lock Manager has ten downloads.

According to a Google spokesman, the tech giant Google has also removed the designers and creators of each of the nine apps from the store, effectively barring them from submitting new apps. Nonetheless, as per the article, this is a minor stumbling block for defaulters, as a new developer account under a different name costs a one-time $25 fee.

The upgrade comes only days after the Joker virus named eight new Android applications that stole user data such as SMS, contact lists, device information, gadget data, OTPs, and more. Auxiliary Message, Fast magic SMS, Free CamScanner, Super Message, Element Scanner, Go messages, travel wallpapers, and Super SMS are the eight applications infected by the Joker virus. According to reports, Google withdrew the contaminated apps from the Play Store after a few installs.

Pratibha Dubey

Digital Marketing Specialist

A self-motivated and passionate Digital Marketing Specialist who has a passion for learning more and unraveling the new digital marketing techniques. By communicating conscientiously to a team of differentiated specialists, she possesses excellent leadership skills. She is a collaborative individual who values the talent of those around her and knows how to enhance the work of others with a scope of improvement. She is a persistent problem solver who takes failures as an opportunity to grow.