Over the last few years, Google has emphasized its efforts to improve Android security through various measures, but there is still much work to be done. According to a new study, Android apps with more than 5.8 million downloads on the Google Play store have been caught stealing Facebook passwords from users.
Doctor Web, a security firm, has released a report identifying these 9 trojan apps that offered photo editing and app lock features. All of these apps can be found on the Google Play store, with a total of nearly 6 million downloads.
The report goes on to say that as of July 1, 2021, when the report was published, Google had only removed a few of these apps from the Play store.
All of the apps mentioned in the report had real features, which led unsuspecting users to believe they were legitimate. By logging into their Facebook accounts, users were able to unlock more features and disable in-app advertisements. These apps took advantage of the widespread use of Google and Facebook login – which many apps and games provide – to steal passwords from unsuspecting users.
If you have any of these apps installed on your phone, you may want to uninstall them:
- PIP Photo
- Processing Photo
- Rubbish Cleaner
- Horoscope Daily
- App Lock Keep
- Lockit Master
- Horoscope Pi
- App Lock Manager
- Inwell Fitness
Google has removed all of these apps from the Play Store as of July 5. Furthermore, according to an Arstechnica report, Google has banned the developers of these apps, effectively prohibiting them from submitting any new apps.
It is recommended that you unauthorize these apps from your Facebook account and change your password if you downloaded these apps and used the Facebook login option.