Google has been in a spree of removing applications from the Play Store. The company has just banned 25 apps on the Android store as they were caught stealing Facebook information of the users. These apps were taking advantage of the ‘Login with Facebook’ feature to steal the Facebook credentials of the user.
These apps have been on the Google Play Store long enough to cross over 2.3 million downloads collectively. While the number is not as big considering there are billions of smartphone users out there, this would have still mad ea huge impact.
The number of downloads was so high just because these applications served legitimate functionalities. However, the respective developers injected malicious codes into the apps.
These apps included the following:
- Wallpaper Level
- Padenatef
- Super Wallpapers Flashlight
- Video Maker
- Contour Level Wallpaper.
- Color Wallpapers
- Pedometer
- iPlayer
- iWallpaper
- Powerful Flashlight
- Super Bright Flashlight
- Solitaire Game
- Super Flashlight
- File Manager
- Classic Card Game
- Junk File Cleaning
- Synthetic Z
- Accurate Scanning of QR Code
- Health Step Counter
- Composite Z
- Anime Live Wallpaper
- Daily Horoscope Wallpapers
- Screenshot Capture
- Plus Weather
- Wuxia Reader
These apps have been working in a seamless way that no user has ever thought these apps have been stealing their information. Upon trying to login to the app, the app basically popped up a fake Facebook login screen that would overlay the real one. As people entered their credentials, the information would directly go to the app’s servers instead of getting them verified from the Facebook servers.
This was basically a phishing attack on the masses. The information was tracked by the security researchers and they told Google about it.