In-app fraudulent activities have been mushrooming to an extraordinary level now.
Almost recently a French cyber-security company, Evina found out and claimed that there were about 25 extremely dangerous and malicious applications circulating on Google Play Store.
These 25 apps are known to be stealing Facebook credentials of users.
As a result, Google took immediate action and removed these 25 applications from its Play Store.
All 25 Apps Created by Same Group
Even though Google managed to successfully bring down the 25 fraudulent apps from its Play Store, Evina claims that by the time these apps were taken down, much damage had already been done.
This means these 25 apps were downloaded around 2.34 million times in total, before getting deleted from the platform.
Also, these apps were created by the same group.
Even though all these 25 apps served different purposes and features, they had a common goal and functioning.
These apps were from different genres, as reported by ZDnet. They were as discreet as some being step counters, image editors, video editor apps, others were wallpaper apps, flashlight applications, file managers, or mobile games.
List of all the 25 Apps
- Super Wallpapers Flashlight
- Wallpaper Level
- Contour level wallpaper
- Iplayer & iwallpaper
- Video maker
- Color Wallpapers
- Powerful Flashlight
- Super Bright Flashlight
- Super Flashlight
- Accurate scanning of QR code
- Classic card game
- Junk file cleaning
- Synthetic Z
- File Manager
- Composite Z
- Screenshot capture
- Daily Horoscope Wallpapers
- Wuxia Reader
- Plus Weather
- Anime Live Wallpaper
- iHealth step counter
Super Wallpapers Flashlight and Padenatef were the only apps that were downloaded 500,000 times. Most were downloaded 100,000 times while the last three were downloaded roughly 100 times.
How did they Harm?
These apps contained malicious code, which could detect the app opened in the background and foreground.
Speaking of this, with the presence of any of these 25 apps on your device, if you happen to open Facebook, the malicious app will show an overlaid web browser window on top of the Facebook app and load the fake login page.
Thinking of it as a legit page, the owner will enter in his/her credentials.
All these apps were reported to Google in May and the company removed these apps earlier this month.