In a recent cybersecurity incident, Google cleared 25 applications from its google play store as they were alleged to steal the users’ FB credentials. According to Google, these applications were downloaded for around 2..35 million before the play store decided to shut them down. All these 25 applications were created by the same developer, even though they seemed to work differently and offer different features, they were all peas in a pod.
These apps showed themselves as a video editor, photo editor, wallpaper apps, file managing apps, mobile gaming apps, and flashlight apps., says Evina, a France based cybersecurity organization. When the firm came to know about the incident, it reported to Google, and precautionary measures were taken immediately to protect the end-users. The malware was also reverse-engineered so that no damage could take place. The 25 apps had malware embedded in them, which stole FB login credentials whenever the user launched the FB application.
Although the apps worked legally, they, however, had hidden malicious codes. The code could tell about the recently launched app in the user’s device. If it were FB, these apps would create a fake login page that looked the same as the original to steal the user’s login credentials. If the user entered his login credentials, the app would capture the data and transfer it to a remote server domain.
When Google came to know about the issue after Evina’s claims in May, it verified it before taking down these apps. Playstore removed these 25 apps earlier this month, some of which had been in use for more than a year.