Sneaky Android apps steal Facebook passwords — delete them now


Malware analysts discovered nine Android apps on the Google Play Store with more than 5.8 million downloads that were sneakily stealing users' Facebook login credentials.

Russian anti-malware software company Dr.Web found trojan apps that would steal Facebook passwords by tricking unsuspecting victims into entering their private information in order to bypass in-app ads. Fortunately, these Android apps are no longer available on the Play Store. 

Spotted by Ars Technica, the apps ranged from photo-editing software to fitness programs and horoscope news. One of the malicious apps, known as "PIP Photo," had 5 million downloads, while the others ranged from 10 to 500,000.

To trick users, the trojan apps would provide full functionality of their services and take away in-app ads if the users logged into their Facebook account via the application.

The app would load a legitimate Facebook login page, but the details typed in would go straight to the malicious actors' command-and-control server. Given the number of downloads, millions of Facebook accounts could potentially have been compromised.

While the Android apps are no longer listed on the Play Store, it's still a good idea to check if they are lingering on your smartphone and delete them straight away. According to the report, Google has permanently banned the developers of the apps to prohibit them from making new apps.

Below is a list of the trojan apps:

  • PIP Photo
  • Processing Photo
  • Rubbish Cleaner
  • Inwell Fitness
  • Horoscope Daily
  • App Lock Keep
  • Lockit Master
  • Horoscope Pi
  • App Lock Manager

During the investigation, Dr.Web analysts found an additional trojan app that had previously made its way onto the Google Play Store. Image editing software app EditorPhotoPip had already been removed but could be downloaded through aggregator websites.

The security report goes into further detail on how the hackers stole the Facebook user login credentials. For those who have downloaded these apps, it's best to change your Facebook password, along with the password for any other application that may use the same login information.

Unfortunately, Android apps can be a huge cybersecurity risk. Earlier this year, cybersecurity researchers discovered 13 Android apps that potentially left over 100 million smartphone users and developers vulnerable to malicious attacks due to their private data being exposed.

If you're looking to be protected online and to hide your private information, you'll want to find out what a VPN is, and why you should be using one.

Darragh Murphy
