1 min read.Updated: 04 Jul 2021, 02:23 PM ISTStaff Writer( with inputs from mint_print )
DrWeb has flagged 10 Android apps that were allegedly stealing users’ Facebook login details
They were posing as photo editors, app access limiters and more, and most of them were downloaded over 100,000 times
NEW DELHI :
New Delhi: Anti-virus software maker DrWeb has flagged 10 Android apps that were allegedly stealing users’ Facebook login details. Nine of these were available for download from the Google Play Store and were removed from the platform after they were reported. They were posing as photo editors, app access limiters and more, and most of these apps were downloaded over 100,000 times, while one was installed over 5 million times.
According to DrWeb’s report, photo editing apps PIP Photo and Processing Photo were downloaded 5 million and 100,000 times, respectively. The list also included access limiter apps called App Lock Keep, App Lock Manager and Lockit Master, from developers Sheralaw Rence, Implummet Col and Enali Mchicolo, respectively. These apps allow users to set various access restrictions on other apps and were downloaded 50,000, 10,000 and 5,000 times, respectively.
Further, the list also included a memory cleaner, a fitness app and two horoscope apps, which could have been downloaded from the Play Store till now. Rubbish Cleaner, Inkwell Fitness, Horoscope Daily and HscopeDaily were all downloaded over 100,000 times each as well.
“During the course of analyzing these stealer trojans, we discovered an earlier modification that was spread through Google Play under the guise of an image editing software called EditorPhotoPip, which has already been removed from the official Android app store but still available on software aggregator websites," the company said in its blog post.
Unlike most malware, the apps on DrWeb’s list were fully functional, which would help “weaken the vigilance of potential victims". They asked users to login with their Facebook accounts in order to disable in-app advertisements and access certain functions. They even displayed a legitimate Facebook login page, but would use these to steal users’ login details.
DrWeb’s blog post also said they could have used the apps to steal login details for almost any service.