Over two dozen Android apps found stealing user data

Google deletes another 25 Android apps caught stealing user data, including Facebook credentials.

Evina, a French cybersecurity firm, recently discovered a batch of 25 Android apps masking themselves as games, wallpaper, and other useful programs to get at your private information. 

Once a victim downloads one of these apps, it scans the device for other applications. If it finds Facebook, and the malicious software waits for the user to open the social media app.

Once the victim opens Facebook, it triggers the fake app to launch a lookalike browser window over the Facebook login page. If the user puts in the requested login credentials, then the app captures them and ships the details to a remote server. 

It’s been a rough year for the Google Play Store, as one study found that nearly 7% of Google Play apps run background actions. Just last month, Google removed 50 apps from the Play Store for excessive adware. 

The 25 offending apps were reported to Google in May, and the tech giant swiftly deleted them. However, some of these sneaky apps had been available in the Play Store for a year or more. During that time, roughly 2.3 million Android devices downloaded them.

The list of apps reported to Google for this issue is as follows:

  • Super Wallpapers Flashlight
  • Padenatef • Wallpaper Level
  • Contour Level wallpaper
  • iPlayer & iWallpaper
  • Video Maker
  • Color Wallpapers
  • Pedometer
  • Powerful Flashlight
  • Super Bright Flashlight
  • Super Flashlight
  • Solitaire Game
  • Accurate scanning of QR code
  • Classic card game
  • Junk file cleaning
  • Synthetic Z
  • File Manager
  • Composite Z
  • Screenshot Capture
  • Daily Horoscope Wallpapers
  • Wuxia Reader
  • Plus Weather
  • Anime Live Wallpaper
  • Health Step Counter

If you have any of these apps on your Android device, you should immediately delete it and use a different device to change your Facebook password.

Featured Resources

BCDR buyer's guide for MSPs

How to choose a business continuity and disaster recovery solution

Download now

The definitive guide to IT security

Protecting your MSP and your customers

Download now

Cost of a data breach report 2020

Find out what factors help mitigate breach costs

Download now

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Recommended

HackBoss malware is using Telegram to steal cryptocurrency from other hackers
cryptocurrencies

HackBoss malware is using Telegram to steal cryptocurrency from other hackers

16 Apr 2021
Hackers used SonicWall zero-day flaw to plant ransomware
ransomware

Hackers used SonicWall zero-day flaw to plant ransomware

30 Apr 2021
Botnet targets vulnerable Microsoft Exchange servers
botnets

Botnet targets vulnerable Microsoft Exchange servers

23 Apr 2021

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
Dell patches vulnerability affecting hundreds of computer models worldwide
cyber security

Dell patches vulnerability affecting hundreds of computer models worldwide

5 May 2021
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

29 Apr 2021