Google removes 25 apps after they were caught stealing Facebook login details

Google has removed 25 Android apps from Google Play store after these apps were reportedly caught stealing Facebook login details, as per a report by ZDNet. Cybersecurity firm Evina had reported these apps to Google and managed to reverse-engineer the malware which enabled us to protect end-users against it.

These apps were mostly offered services like file managers, wallpaper management, screenshot editor and weather. These apps came with a malware which used to steal your Facebook login details when you launched them on your phone.

Explaining how these malicious apps function, Evina said in its blog post, “When an application is launched on your phone, the malware queries the application name. If it is a Facebook application, the malware will launch a browser that loads Facebook at the same time. The browser is displayed in the foreground which makes you think that the application launched it. When you enter your credentials into this browser, the malware executes javascript to retrieve them. The malware then sends your account information to a server.”